A study published in the March 2015 issue of Communications of the ACM (Association for Computing Machinery) revealed that 91% of health-related websites initiated some type of HTTP request (HTTP is a request/response protocol, by which, for example, a computer sends a request for a file and the web server sends back a response) to third parties and that approximately 70% of those requests included sensitive information about specific symptoms, treatments, or diseases.

The study looked at 80,142 unique health-related web pages, which were identified by compiling responses to search queries for 1,986 common diseases.  Of all the pages examined, 91% initiated some form of third-party HTTP request.  Commercial pages had the most third-party requests, and education pages had the least third-party requests.  Non-profit pages and government pages fell in the middle.

HTTP requests often include the uniform resource identifier (URI) of the page being viewed (“known as the Referer”).  “The ‘Referer’ contains the address of the page the user is currently viewing.”  The study reviewed a sample of the URIs taken, and found “70% contained information related to a specific symptom, treatment, or disease.”

The study also investigated the corporate ownership of the third parties that were receiving this information.  They include advertising companies and data brokers, which each present their own risks.  As explained in the paper, with advertisers there is a potential for blind discrimination whereby the online advertisers use the data collected in some way to influence advertising decisions, for example, through targeted advertising.  Data brokers present a risk of personal identification, as they may attempt to aggregate and correlate as much personal data as possible to enhance the market value of the data they hold.

 

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Krysten Rosen Moller Krysten Rosen Moller

Krysten Rosen Moller focuses her practice on representing clients in internal investigations, government investigations, and follow-on civil litigation, with an emphasis on serving clients in the life sciences and healthcare industries.

Krysten assists companies with complex internal and government investigations covering a broad…

Krysten Rosen Moller focuses her practice on representing clients in internal investigations, government investigations, and follow-on civil litigation, with an emphasis on serving clients in the life sciences and healthcare industries.

Krysten assists companies with complex internal and government investigations covering a broad range of issues, including fraud and abuse, advertising and promotion, and bribery and corruption. Krysten has particular experience conducting targeted and efficient internal investigations and representing pharmaceutical and medical device companies against investigations from the Department of Justice or other government regulators. Krysten’s complementary litigation practice focuses on defending life sciences and healthcare companies in related litigation, including cases arising under the False Claims Act and other follow-on litigation arising from government investigations.

Krysten also counsels clients on compliance matters. She regularly represents companies negotiating HHS OIG Corporate Integrity Agreements (CIAs) and advises companies on implementing and operating under CIAs. She has also conducted False Claims Act risk assessments and advised on other fraud and abuse issues.