New York-Presbyterian Hospital (NYP) has been notified of its use of tracking and analytics tool on its website may have resulted in sharing patients’ information with developers. The healthcare facility first began using the tool from third-party service providers to better understand how visitors interacted with the website, allowing them to improve external communication, monitor community engagement and make it easier for patients to connect.
NYP first learned that patient information may have been accessed by third-party technology service providers in January 2023. Upon review, the facility determined that the tracking and analytics tools accessed IP addresses and the URL/website addresses of the pages visited, which may have included the provider name and specialty listed on the website. Certain tools were also able to access first name, last name, email address, mailing address and gender information.
At the time of report, there has not been any evidence that the trackers and analytics tool captured financial information, passwords, payment information, social security numbers or sensitive numbers. The tools also did not collect any protected health information from patient medical records.
Approximately 54,396 patients' data was compromised.
Upon learning the information, NYP disabled the trackers and worked with a forensic firm to conduct a full analysis of the information that the tools collected and shared.
Spaces That Support: Patient-Centered Design for Modern Reproductive Health
Modernization of Buildings Require Collaboration Across All Disciplines
Children's Health Announces Plans for RedBird Specialty Center in Texas
How Can Healthcare Facilities Use Efficiency to Drive Climate and Health Goals?
El Camino Health Rehabilitation Hospital Officially Tops Out