Privacy Lawsuit Investigation: Is Your Hospital Sharing Your Medical Information?
Last Updated on November 3, 2025
Investigation Complete
Attorneys working with ClassAction.org have finished their investigation into this matter. Check back for any potential updates. You can also sign up for our free newsletter for the latest in class action news and settlements.
If you still have questions about your rights, contact an attorney in your area as there is a time limit for filing all lawsuits. The information on this page was posted when the investigation began and is now for reference only.
Free Consumer Tools:
- Open and Current Class Action Lawsuit Settlements and Rebates
- Open and Current Class Action Lawsuit List, Investigations
- Class Action Lawsuit and Settlement News
- Free Class Action Lawsuit Database
At A Glance
- This Alert Affects:
- Patients who booked an appointment through or accessed the patient portal of any of the hospital websites listed below.
- What’s Going On?
- Attorneys working with ClassAction.org are investigating whether the websites of certain hospitals are illegally sharing patients’ private information with Facebook and, if so, whether class action lawsuits could be filed as a result.
- How Could a Class Action Help?
- Potentially, class action lawsuits could provide patients with compensation for violations of their privacy rights. A successful case could also force hospitals found to be in violation of the law to make certain changes to their websites to prevent patient information from being illegally shared.
- What Information Could Be Getting Shared?
- Patient names, appointment information, details on medical conditions, prescription information and more.
Attorneys working with ClassAction.org would like to speak to patients of certain U.S. hospitals as part of an ongoing privacy investigation.
Specifically, they want to hear from those who booked an appointment through or accessed the patient portal of any of the following hospitals’ websites.
- Alvarado Hospital Medical Center
- Centinela Hospital Medical Center
- Chino Valley Medical Center
- Community Regional Medical Center
- Dameron Hospital
- Desert Valley Hospital
- Encino Hospital Medical Center
- Hollywood Presbyterian Medical Center
- Huntington Health
- Kaweah Delta Medical Center
- Madera Community Hospital
- Methodist Hospital of Southern California
- Paradise Valley Hospital
- Redlands Community Hospital
- Ridgecrest Regional Hospital
- Salinas Valley Memorial Hospital
- Sherman Oaks Hospital
- Tri-City Medical Center
- UCI Health
- Valley Presbyterian Hospital
If you used one of the websites listed above to make an appointment or access your account, it’s possible that some of your medical information may have been illegally shared with Facebook.
How Could My Information Be Getting Shared?
It’s being investigated whether the hospitals listed above have embedded Facebook’s tracking pixel on their websites and allowed sensitive medical data to be sent to the social media giant.
Indeed, non-profit newsroom The Markup reported on June 16, 2022 that 33 of the country’s top 100 hospitals had the pixel sending patient data to Facebook when an appointment was made online. According to the report, seven health systems also had the tracking code installed in their online patient portals.
It’s possible that the practice of sharing patient data is even more widespread and could be considered a violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Under the HIPAA, hospitals and other healthcare providers cannot disclose protected health information without the patient’s consent or knowledge.
What Information Could Be Getting Sent to Facebook?
Attorneys working with ClassAction.org are looking into whether information as sensitive as the following is being sent to Facebook:
- Details of medical conditions
- Prescription information
- Appointment information, including the patient’s name, the time and date of the appointment, the doctor’s name, the doctor’s field of medicine and the search terms used to book the appointment
- Allergy information
- Other personal data, such as sexual orientation
The Markup found instances in which each of the above data points were sent to Facebook along with users’ IP addresses, which can be used to identify an individual or household.
How Could a Class Action Lawsuit Help?
If filed and successful, class action lawsuits could provide patients with compensation for any violation of their privacy rights. It could also force any hospital found to be illegally sharing patient information to change the way their website operates.
Before commenting, please review our comment policy.