A Cedars-Sinai health care patient is suing the health system and hospital for allegedly sharing private patient information with such platforms as Meta and Google without his permission via the Cedars-Sinai website.
The plaintiff was identified only as John Doe in the proposed Los Angeles Superior Court class-action lawsuit, the allegations of which include invasion of privacy, breach of contract, negligence and violations of the state’s Confidentiality of Medical Information Act and Unfair Competition Law.
The suit filed Friday seeks unspecified compensatory and punitive damages as well as an injunction against such sharing of information with third parties without the patient’s permission.
A Cedars-Sinai representative said Tuesday the hospital and health care service do not comment on pending litigation.
According to the suit, the information at issue is gathered on the Cedars-Sinai website on which patients are encouraged to research their medical symptoms and health issues, identify doctors who can treat their specific conditions, set medical appointments and make other choices related to their personal health care.
“When doing this, patients convey highly private information, including medical information, through the website,” the suit states.
Doe and other patients believed Cedars-Sinai would keep their information private, but the defendants instead took the opposite course by sharing the patients’ personal information with such platforms as Meta, Google, Microsoft Bing and other marketing and social media outlets, the suit alleges.
The information was relayed to the third parties by use of a tracking code embedded in the Cedars-Sinai website for the sole purpose of sharing such information with marketing entities, the suit states.
“This code served as real time wiretaps on patients’ communications,” the suit states. “Cedars-Sinai’s goal in installing the tracking code was not to provide any benefit to its patients, but only to itself.”
By installing the tracking code, Cedars-Sinai enabled the marketing entities to use patients’ private information to target them with advertising by additional unrelated businesses, the suit states. As an example, according to the suit, if a patient made an appointment with a doctor for treatment of cancer, the tracking code Cedars-Sinai put on its website conveyed that information to Meta, which in turn allowed Meta to include that patient in marketing target groups that it offered to its other advertising clients who wanted to market to cancer patients.
“Cedars-Sinai facilitated this communication without authorization … because it did not give … any hint that the transmission was happening,” the suit states.