Reading Time: 2 minutes

Health related information is very personal, which makes it prized by businesses and by cyber criminals.

A study conducted by Timothy Libert, a doctoral student at the University of Pennsylvania’s Annenberg School for Communication has found that there is a significant risk to your privacy whenever you visit a health related web page. His analysis of over 80,000 such web pages concludes that nine out of ten visits to such sites result in personal health information being leaked to third parties, including online advertisers and data brokers.

Web Sites Leak

These findings are reported an article in the March 2015 issue of Communication of the ACM.

Online advertisers and data brokers may use this information for non-malicious marketing efforts, but health data may also connect important personal details with actual name and identify of the person. This type of data is a goldmine for fraudsters.

In addition, such heath data can be highly sensitive result in negative evaluations for credit and financial transactions.

Libert create a software utility that monitors Hypertext Transfer Protocol (HTTP) requests initiated to third party advertisers and data brokers. He found that 91 percent of health-related web pages initiate HTTP requests to third-parties and most include highly personal and sensitive information. Most of these requests go to a handful of online advertisers Google. Comsore and Facebook and two data data Experian and Acxiom. Data brokers sell information they collect regarding visits to health websites. There is concern that person visiting such sites are may be discriminated against by potential employers, retailers, or anybody else with the money to buy the data.

Under the Affordable Care Act, aka Obamcare, the US government is encouraging the digitization of medical records. Healthcare is one of the last industries to remain tied to paper base data collection. While this may produce great benefits and improvements in healthcare security, it also has raised privacy and security concerns given the sensitive nature of the information, which often includes financial information for payments and collections.