Kaiser Permanente notifies 13.4M patients of potential data exposure
Kaiser Permanente informed 13.4 million current and former members and patients who accessed its websites and mobile apps that certain online tracking technologies may have transmitted personal information to third-party vendors Google, Microsoft Bing, and X when members accessed those websites or apps.
In a statement, Kaiser said the information involved was limited to the following: IP addresses and names; information that could indicate a member or patient was signed into a Kaiser Permanente account or service; information showing how a member or patient interacted with and navigated through the website and mobile applications; and search terms used in the health encyclopedia.
Kaiser first reported the incident April 12 to the U.S. Department of Health and Human Services (HHS). The large non-profit healthcare provider said that no usernames, passwords, Social Security numbers, financial account information, or credit card numbers were included in the transmission to the third-party tech companies.
“Kaiser Permanente conducted a voluntary internal investigation into the use of these online technologies, and subsequently removed them from the websites and mobile applications,” said Kaiser in its statement. “Kaiser Permanente is not aware of any misuse of any member’s or patient’s personal information.”
/cloudfront-us-east-2.images.arcpublishing.com/reuters/DFJYDZQLEJJF3F66K4NZMK4CCQ.jpg)
