Are Drug Companies and Wellness Companies Sharing Your Health Data?
Do you have a Facebook, Google, TikTok, or Microsoft account? Have you visited a drug company or wellness clinic/medspa website in the past two years?
Chimicles Schwartz Kriner & Donaldson-Smith LLP (CSK&D) is investigating whether certain drug companies, medical spas and wellness centers are secretly sharing your sensitive health and personal information with major tech platforms without your consent.
What’s happening?
Many healthcare and wellness websites use “pixels”—small pieces of code embedded that track what you do online. These pixels can capture details you enter, such as health conditions, prescriptions, and treatment interests, and send that information to companies like Meta/Facebook, TikTok, Google, and Microsoft.
This data may then be linked to your social media accounts and used for targeted advertising, raising serious privacy concerns and potential violations of HIPAA and state laws.
Companies we are investigating:
- AstraZeneca Direct – A direct-to-consumer online pharmacy launched by AstraZeneca that ships select medications (e.g. Airsupra, Farxiga, FluMist) directly to patients at discounted cash prices.
- LillyDirect – A digital health platform and online pharmacy from Eli Lilly that delivers medications for chronic conditions like diabetes, obesity, and migraines directly to patients’ homes (e.g. Mounjaro, Zepbound, Emgality, Jaypirca, Retevmo, Olumiant, Omvoh, Reyvow, Lyumjev, Kisunla, Ebglyss)
- Sanofi/Dupixent MyWay CoPay Card – A program offered by Sanofi and Regeneron to help eligible patients with commercial insurance reduced copay costs for the specialty medication Dupixent through online enrollment into their copay savings card program.
- FuturHealth – A membership-based telehealth service offering personalized weight loss programs, including GLP-1 medications (Ozempic, Wegovy, Zepbound, and other semaglutide and tirzepatide compounds), nutritional counseling, and virtual consultations.
- FormHealth – A virtual medical weight-management and prescription medication program (Wegovy, Zepbound, Saxenda, Contreve) that connects patients with a Care Team, including board-certified physicians and registered dietitians.
- VIO Med Spa – A franchise medical spa offering cosmetic and wellness treatments such as Botox, dermal fillers, Hydrafacials, microneedling, laser resurfacing, body contouring, and hormone therapy.
- Prime IV Hydration & Wellness – A franchise of IV hydration and wellness spas offering intravenous vitamin infusions and other services in a spa-like setting, marketed as a “one-hour vacation” to boost energy, enhance immunity, and improve overall health.
What exactly are they collecting?
Pixels can capture and transmit:
- Personal identifiers – Name, email address, phone number, and location data entered on forms.
- Health-related details – Conditions, symptoms, medications, and treatment interests shared during sign-up or consultations.
- Financial information – Payment details or insurance information entered for prescriptions or services.
- Interaction data – Clicks, page views, and chat messages exchanged on the site.
This information may be linked to your social media or search accounts, creating detailed profiles for targeted advertising—often without your knowledge or consent.
Do you qualify?
You may qualify if:
- You have a Facebook, TikTok, Google, or Microsoft account
- You visited any of the above websites within the last two years
- You entered health-related information or interacted with their online forms
Why does this matter?
HIPAA and state privacy laws prohibit healthcare entities from sharing protected health information for marketing without consent. If these companies transmitted your data without authorization, you may have legal rights.
What should you do?
If you suspect your information was shared without consent, please complete the questionnaire below. Your input helps us hold companies accountable for potential privacy violations.
Questionnaire:
(*) Indicates required field: When communicating with us through this site or otherwise in connection with a matter for which we do not already represent you, your communication may not be treated as privileged or confidential, and does not create an attorney-client relationship between you and our Firm.
