Are you an avid Facebook user? You might be seeing ads or posts for Facebook’s new Preventive Health tool. In October 2019, Facebook announced it would begin rolling out an interactive health screening platform. Preventive Health takes the user’s demographic data and provides recommendations for health screenings. We’ll dive into the platform’s features and functions, how Facebook might handle your data, and what this means for HIPAA compliance and data security.
What Does the Platform Do?
Preventive Health was designed with guidelines from the American Cancer Society, the American College of Cardiology, the American Heart Association, and the Centers for Disease Control and Prevention.
According to Facebook, users can:
- learn which checkups are recommended for people of their age and gender
- get information about how they can stay healthy
- track their completed actions and set reminders for future checkups
- find affordable nearby healthcare providers
- share resources with friends and family
What is Facebook Doing With Your Data?
First, Preventive Health starts by using data that is already publicly available as part of your Facebook profile – your age and gender. While you can find doctors, set up reminders for screenings, and mark tasks as complete, Facebook’s head of healthcare research Freddy Abnousi told The Verge that Facebook will not have access to information from your medical records or your doctor’s office.
Facebook has also said the information you share will be securely stored, with access restricted to employees who work on the product or maintain Facebook’s systems. Facebook will not share personal information about your activity within Preventive Health with third parties like health care organizations or insurance policies, and data will not be used to serve ads. Finally, users can share the app itself, but not the information within it – so you won’t risk sharing your annual flu shot reminders with your college friends and in-laws.
Is Your Data Really Safe?
Despite Facebook’s reassurances, experts argue that your data isn’t as safe as you might think. The Health Insurance Portability and Accountability Act (HIPAA) was established in 1996 to protect electronic medical records. Policy experts Lisa Bari and Daniel P. O’Neill argue in Health Affairs that although Preventive Health does not directly access your HIPAA-protected medical records, the health information that you share on social media is not protected by HIPAA.
Research has shown that de-identified individual data can be easily re-identified. Taken together, this means that highly personal health information you share with Facebook is not legally protected and could potentially be traced back to you.
So, Should You Use Preventive Health?
Facebook’s Freddy Abnousi maintains that Preventive Health is a useful tool to connect people with health information and services. Skeptics argue that in an era of data breaches and outdated security laws, the information you share just might come back to haunt you. As the Silicon Valley adage goes, if you’re not paying for the product, the product is you.
The good news is that not using Preventive Health won’t cost you anything. Will Facebook users want to book their blood pressure tests in between browsing their friends’ vacation photos? Only time will tell.