Class Actions Lawsuits
Data Breach

Meta / Facebook Pixel Healthcare Data Privacy Litigation

Data Breach class action lawsuit

Case Overview

Meta's 'Pixel' is a snippet of JavaScript code that website operators embed to track visitor behavior and serve targeted advertisements. Beginning in 2022, investigative reporting revealed that hundreds of U.S. hospitals — including some of the largest health systems in the country — had placed the Meta Pixel on password-protected patient portals and appointment-scheduling pages. This allowed Facebook to receive data about users' medical conditions, doctors searched, and appointments booked, all without patients' knowledge or HIPAA-compliant authorization. Class action lawsuits rapidly followed, targeting both Meta and the healthcare providers themselves.

The consolidated litigation in the Northern District of California alleges violations of the federal Electronic Communications Privacy Act, the California Confidentiality of Medical Information Act, and various other state privacy statutes. Separately, the Department of Health and Human Services issued guidance warning that use of tracking technologies on patient-facing healthcare websites likely violates HIPAA. Numerous individual hospitals have reached preliminary class settlements, and Meta itself faces ongoing litigation. The cases highlight growing regulatory and legal scrutiny of adtech surveillance in sensitive healthcare contexts, with plaintiffs seeking statutory damages, injunctive relief, and disgorgement of advertising profits derived from the unlawfully obtained data.

Who May Qualify

U.S. residents who used the website or patient portal of a hospital or healthcare provider that embedded the Meta Pixel, and whose protected health information (such as medical conditions, appointment details, or prescription searches) may have been transmitted to Meta without their consent.

Frequently Asked Questions

What is the Meta Pixel healthcare lawsuit about?

The lawsuits allege that hospitals and health systems placed Meta's advertising tracking tool (the 'Pixel') on their patient-facing websites, causing sensitive medical data to be sent to Facebook without patients' knowledge or HIPAA authorization. Plaintiffs seek damages for privacy violations under federal and state law.

Which hospitals are involved in the Meta Pixel data privacy lawsuits?

Dozens of major health systems have been named as defendants in related actions, including UCSF, Advocate Aurora Health, WakeMed, and others. Meta Platforms itself is also a central defendant. The specific hospitals involved vary by individual lawsuit.

How do I know if my medical data was shared with Facebook?

If you used an online patient portal or scheduled a medical appointment online at a hospital between approximately 2016 and 2023, your data may have been tracked. You can consult a privacy attorney or monitor settlement notices from your healthcare provider to determine if you are included in a class.