California’s state-run health insurance marketplace, Covered California, has come under scrutiny for transmitting users’ sensitive health information to LinkedIn without their knowledge. The data shared included details about users’ pregnancy status, prescription drug usage, and other personal health information. This information was collected through LinkedIn’s advertising tools embedded on the Covered California website.
The data sharing was part of an advertising campaign aimed at understanding consumer behavior and delivering tailored messages. However, privacy advocates have expressed concern over the unauthorized transmission of such sensitive information. Sara Geoghegan, senior counsel at the Electronic Privacy Information Center, described the practice as “concerning and invasive,” emphasizing that users do not expect their health information to be collected and used in this manner.
In response to the revelations, Covered California stated that the data collection was inadvertent and that access to the information was limited to credentialed users managing the organization’s LinkedIn account. The agency has since disabled all active advertising-related tags across its website and initiated a comprehensive review of its information security and privacy protocols.
The incident has raised questions about potential violations of the Health Insurance Portability and Accountability Act (HIPAA). Representative Kevin Kiley (R-CA) has called for an investigation into the matter, highlighting the need to safeguard consumers’ personal health information.
The incident reignites broader concerns about the integration of Big Tech into public institutions and the growing risks posed to individual privacy. With millions of Americans depending on government healthcare exchanges, trust in the security and integrity of these systems remains a critical issue.
