The Curated Daily
← Back to the archiveDispatch · 6 min read
Dispatch

US healthcare marketplaces shared citizenship and race data with ad tech giants

By the editors·Monday, May 4, 2026·6 min read
Scrabble tiles spelling 'Health Insurance' on planner with pills and laptop, symbolizing healthcare planning.
Photograph by Leeloo The First · Pexels

The recent revelations about US healthcare marketplaces sharing sensitive information – including citizenship and race data – with advertising technology (ad tech) giants are deeply concerning. This isn't just a privacy issue; it has significant financial implications for individuals. This article will break down what happened, why it’s dangerous, and what steps you can take to protect yourself and your financial well-being.

The Data Leak: What Happened?

Several major US healthcare marketplaces, platforms used to shop for health insurance, were found to be transmitting incredibly sensitive user data to ad tech companies. This data included not only basic demographic information but also details about:

  • Citizenship status: This is particularly sensitive and potentially discriminatory.
  • Race and ethnicity: Sharing this data raises ethical and legal concerns.
  • Health conditions & prescriptions: While this wasn't the primary focus of the leak, the surrounding infrastructure makes it vulnerable.
  • Income levels: Often inferred or directly requested during the application process.

The data was reportedly transmitted via pixel tracking—small, often invisible, code snippets embedded in websites and emails. These pixels allow ad tech companies to collect data on user behavior and build detailed profiles. The marketplaces argued they used these pixels for analytics to understand how users were interacting with their platforms. However, the extent of data sharing, and the type of data shared, far exceeded what was necessary for basic analytics.

*Image suggestion: A graphic depicting data flowing from a health insurance website to various ad tech logos (Google, Facebook/Meta, etc.).

Why is This a Financial Risk?

The sharing of this data isn’t just about violating privacy; it opens the door to significant financial risks. Here’s how:

  • Discriminatory Advertising: Ad tech companies can use this data to target individuals with predatory financial products. For example, someone identified as having a chronic health condition could be targeted with high-interest loans or expensive, unnecessary health supplements.
  • Price Discrimination: Your health data could be used to subtly increase the price of insurance, financial products, or even everyday goods and services. While outright denial of services based on health status is illegal, price manipulation is more difficult to detect.
  • Identity Theft & Fraud: The combination of personal and health information creates a rich profile for identity thieves. This information can be used to file fraudulent insurance claims, open credit accounts, or access existing financial resources. Consider investing in robust identity theft protection like .
  • Targeted Scams: Knowing someone's health status or income level makes them a more attractive target for scams. Scammers can tailor their pitches to exploit vulnerabilities.
  • Employment Discrimination (Potential): Though less direct, there's a risk that this data could, indirectly, find its way to employers, potentially influencing hiring decisions.
  • Higher Insurance Premiums: Although not immediate, accumulated data patterns could contribute to risk assessments used by insurance companies, potentially leading to higher premiums in the long run, even if not directly related to a specific condition.

How Does Ad Tech Profit From This?

Ad tech companies operate on the principle of targeted advertising. The more they know about you, the more valuable you are to advertisers. Here's a simplified breakdown:

  1. Data Collection: Pixels and other tracking technologies collect data on your online behavior.
  2. Profile Building: This data is aggregated and used to build a detailed profile of your interests, demographics, health status, and financial situation.
  3. Targeted Advertising: Advertisers pay ad tech companies to show ads to specific segments of the population. The more precise the targeting, the more advertisers are willing to pay.
  4. Profit: Ad tech companies generate revenue by selling access to their targeted advertising platforms.

The healthcare data leak supercharges this process. Health data is incredibly valuable because it's highly predictive of future behavior and spending.

*Image suggestion: A flowchart illustrating the process of data collection, profile building, targeted advertising, and profit within the ad tech ecosystem.

Which Marketplaces Were Involved?

Reports initially focused on several major marketplaces, including:

  • HealthCare.gov: The federal healthcare exchange.
  • Covered California: California's state-based exchange.
  • NY State of Health: New York’s state-based exchange.

Investigations are ongoing, and it's likely that other marketplaces are also involved. The problem isn’t necessarily that these marketplaces intentionally set out to leak data, but rather that they lacked adequate safeguards to prevent it. The use of third-party tracking technologies without proper controls created a vulnerability that was exploited.

What Laws Are Being Broken?

Several laws may have been violated, depending on the specifics of the data sharing and the intended use of the data. These include:

  • HIPAA (Health Insurance Portability and Accountability Act): While HIPAA primarily governs healthcare providers and insurers, it may apply to marketplaces if they are considered "business associates" of covered entities.
  • State Privacy Laws: States like California (CCPA/CPRA) and Virginia (VCDPA) have comprehensive privacy laws that give consumers more control over their personal data.
  • Federal Trade Commission Act: The FTC has the authority to investigate unfair or deceptive trade practices, including data privacy violations.
  • Civil Rights Laws: Sharing data related to race and citizenship status can violate civil rights laws prohibiting discrimination.

The legal landscape is complex and evolving. Lawsuits have already been filed, and further legal action is expected.

How to Protect Yourself Financially & Your Privacy

Here are steps you can take to mitigate the risks associated with this data leak:

  • Review Your Privacy Settings: Adjust the privacy settings on your health insurance provider’s website and any related apps. Opt out of data sharing wherever possible.
  • Use a Privacy-Focused Browser: Browsers like Brave and DuckDuckGo block trackers by default.
  • Install a Privacy Extension: Browser extensions like Privacy Badger and Ghostery can block trackers and protect your privacy.
  • Monitor Your Credit Report: Regularly check your credit report for any unauthorized activity. Consider using a credit monitoring service like .
  • Be Wary of Targeted Ads: Pay attention to the ads you see online. If you notice ads that seem unusually relevant to your health or financial situation, be cautious.
  • Secure Your Financial Accounts: Use strong, unique passwords for all of your financial accounts. Enable two-factor authentication whenever possible.
  • Limit Data Sharing: Be mindful of the information you share online, especially on websites and apps that aren't directly related to healthcare.
  • Review Insurance Policies: Understand what data your health insurance provider collects and how they use it.

The Future of Healthcare Data Privacy

This data leak is a wake-up call. It highlights the need for stronger regulations and greater transparency in the healthcare industry. Consumers need more control over their personal data, and ad tech companies need to be held accountable for their data practices. We can expect to see increased scrutiny of data sharing practices and potentially new legislation aimed at protecting healthcare data privacy.

*Image suggestion: A shield with a medical cross inside, representing data privacy and security in healthcare.

Disclaimer:

This article contains affiliate links. If you click on a link and make a purchase, we may receive a commission at no extra cost to you. This helps support our work and allows us to continue providing valuable content. We only recommend products and services that we believe are beneficial to our readers.

This information is for general educational purposes only and should not be considered financial or legal advice. Consult with a qualified professional for personalized guidance.

Pass it onX·LinkedIn·Reddit·Email
The Sunday note

If this was your kind of read.

Sign up for the morning email — short, hand-written, and sent only when there's something worth your time.

Free, sent from a person, not a system. Unsubscribe in one click whenever.

Keep reading

The archive →
Healthcare Data PrivacyMay 4, 2026

Your Health Data Sold? US Healthcare Marketplaces & Ad Tech Giants

Discover how US healthcare marketplaces shared sensitive citizenship & race data with ad tech companies, raising privacy and financial security concerns. Learn what it means for you.

Healthcare Data PrivacyMay 4, 2026

Your Health Data, Sold? How Healthcare Marketplaces Shared Information with Ad Tech

Recent revelations show US healthcare marketplaces shared sensitive citizenship and race data with advertising technology companies. Explore the financial & privacy implications.