Recently it was released that Kaiser Permanente allowed third-party companies, including major tech firms like Google and Adobe, access to patients’ private health information without their consent resulting in a breach. This was reportedly done through tracking technologies embedded in Kaiser’s website and patient portal, which were used for advertising and analytical purposes. The lawsuit claims that this practice violated multiple privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA) and the Electronic Privacy Communications Act.


According to TechCrunch, Kaiser will begin notifying 13.4 million patients of the breach starting in May.


We’ll have additional guidance in the very near future. In the meantime, please be sure to keep an eye out for new information as it’s released.