How Do Tracking Technologies Violate HIPAA?
It all comes down to Protected Health Information, or PHI, which is any of the eighteen HIPAA identifiers combined with specific health information.
Name and email are obvious identifiers, but native trackers automatically collect IP addresses and device IDs, which are also considered identifiers.
When it comes to your website, visits to a page about a specific condition, a search for a doctor, or booking an appointment would be considered health information.
When you combine the two ingredients and share that data with a destination that is not HIPAA-compliant, this is where you run the risk of privacy violations. And that’s exactly what the tracking technologies on your website do.