New York Attorney General Letitia James today secured $300,000 from The NewYork-Presbyterian Hospital (NYP) for disclosing the health information of individuals who visited their website. An investigation by the Office of the Attorney General (OAG) found that the hospital used advertising tools on its website that collected and shared private and personal information with third-party tech companies when visitors used the website to search for doctors or book appointments, in violation of the Health Insurance Portability and Accountability Act (HIPAA). As a result of today’s settlement, NYP has agreed to change its policies, secure the deletion of protected health information, and maintain enhanced privacy safeguards and controls.
