The leak might have also included patients’ responses to self-evaluations about their drinking habits, something Monument clearly says are “protected” …
Alcohol Counseling Companies Leaked Patient Personal Data to Advertisers for Years
The Verge reports:
Online alcohol recovery services Monument and Tempest admitted to sharing private patient information with advertisers for years, as reported earlier by TechCrunch. In a disclosure filed with the California Attorney General, Monument (which acquired Temple in 2022) says the tracking tools used on both services “may have shared” names, birthdates, email addresses, phone numbers, home addresses, insurance information, and more to advertisers.
Monument and Tempest, which both provide resources for patients struggling with alcohol addiction, say the leak might have also included patients’ responses to self-evaluations about their drinking habits, something Monument clearly says are “protected” and used only by its care teams. The companies blame the breach on the pixel tracking tools they included on their sites for advertising purposes.
Monument says it reviewed its use of tracking pixels after the US government issued guidance to health companies about them in late 2022. In a bulletin published by the Department of Health and Human Services (HHS), the agency warns health companies that they might be held liable for violating patient privacy through the use of pixel-tracking tools.
Monument and Tempest’s cases are remarkably similar to recent data leaks involving online health services
