Beware health searches: Web data may be leaked to third parties

Patients who search on health Websites may find that touchy terms such as herpes and depression may be leaked to third party tracking sites, according to research by University of Southern California professor.

In a research letter published by JAMA Internal Medicine, a JAMA Network publication, Marco D. Huesch, M.B.B.S., Ph.D. at USC found six or seven popular health sites had at least one third party tracking element. Huesch used a sample of 20 sites and commercial interception software to highlight the data swapping.

The upshot is that folks conducting health searches may want to stick to U.S. government sites or physician oriented sites. Huesch said in his research letter:

A patient who searches on a "free" health-related Web site for information related to "herpes" should be able to assume that the inquiry is anonymous. If not anonymous, the information knowingly or unknowingly disclosed by the patient should not be divulged to others.

Unfortunately, neither assumption may be true. Anonymity is threatened by the visible Internet address of the patient's computer or the often unique configuration of the patient's Web browser. Confidentiality is threatened by the leakage of information to third parties through code on Web sites or implanted on patients' computers.

Huesch noted that generally speaking the data collected by Web sites and third parties can improve ad targeting and overall user experience. The catch is that tracking isn't addressed well in legislation and regulations and health care information can lead to embarrassment, discrimination or avoidance by marketers.

Now Huesch couldn't determine whether the leaked information was used or misused by third parties. The point is that the leakage could lead to privacy headaches later.

For now, Huesch recommended that health searches are conducted on professional societies or government sites or consumers use privacy tools such as DoNotTrackMe and Ghostery to search sensitive terms.