frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

US healthcare marketplaces shared citizenship and race data with ad tech giants

https://techcrunch.com/2026/05/04/us-healthcare-marketplaces-shared-citizenship-and-race-data-with-ad-tech-giants/
220•ZeidJ•2h ago

Comments

ZeidJ•2h ago
Bloomberg Study: https://www.bloomberg.com/features/2026-healthcare-advertisi...
shevy-java•1h ago
The US citizens will have to fight down those corporate overlords. It is now really just shameful how they leech off of the common man (and common woman). People in democracies outside of the USA shake their head in sadness now. Even Canada is doing better here - don't tell anyone the crazy orange king, for he may begin to potty-mouth and threaten them with invasion again.
aksss•58m ago
corporate overlords? These are the state governments selling your data. The call is coming from inside the house. The sooner we realize that government is comprised of the same slithering slime of human greed and laziness, the more realistic discussions we can have.
josefritzishere•1h ago
How is this not a HIPAA violation?
dekhn•1h ago
HIPAA as a law is intended to ease transfer of medical information, not restrict it.
ux266478•1h ago
That's not true. It's intended to define a regulated and standard means of transferring medical information while ensuring confidentiality and patient privacy.

https://www.hhs.gov/hipaa/for-professionals/privacy/laws-reg...

You have to explicitly grant permission for your data to be sold. What's very likely is that either the healthcare provider or insurance company included a request for authorization to sell that data, and the authorization was signed without paying much attention to it.

dekhn•1h ago
You're referring to the privacy rule, which is only part of the law (and not its primary prupose). The original intent of the law was to ensure easy transfer of information to keep health coverage when changing jobs. The privacy rule was not even part of the original law, it was added by HHS 3 years later. See more details here: https://www.ncbi.nlm.nih.gov/books/NBK9576/
arikrahman•37m ago
The article you cited states congress was aware of privacy concerns at the time and covered them as part of the third stated provision.
SirFatty•1h ago
"The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a US federal law designed to protect sensitive patient health information from disclosure without consent."
dekhn•1h ago
That's not really correct. It was designed for portability- the ability to move data between health care providers.

(I work in healthcare-adjacent and have met with many lawyers and had to explain them all about "HIPAA compliance"; my comment was not made from ignorance, but practical experience based on learning about how the law is used. There is a privacy rule in it, but that was not the real intent of the law. The intent was to make it easy to keep your health care when you moved between jobs.)

nickff•1h ago
Could you please cite the source for that quote? I looked for it, but couldn't find a source; it seems like an AI hallucination.
nickthegreek•1h ago
Why would you call it an hallucination because you cant find immediately locate the source? You didnt say what in the single sentence would make you jump to that conclusion.

I highlighted SirFatty's text, looked up on google and first result show it near verbatim on cdc.gov.

https://www.cdc.gov/phlp/php/resources/health-insurance-port...

dekhn•58m ago
Here's the original text of the bill's purpose; very little of the bill talks about privacy, and most of the rules around that are part of the HHS Privacy Rule.

To amend the Internal Revenue Code of 1986 to improve portability and continuity of health insurance coverage in the group and individual markets, to combat waste, fraud, and abuse in health insurance and health care delivery, to promote the use of medical savings accounts, to improve access to long-term care services and coverage, to simplify the administration of health insurance, and for other purposes.

aksss•1h ago
Narrator: "But it did neither."

Honestly, we're better off with it than without it, speaking as someone with exposure to that industry's internals. That act drives a lot of good security practice within the organizations (mostly liability shifting, but still good). Specifically, the fear it instills of ruinous penalties from regulators drives good practice adoption, IME.

Further, multiple crappy patient portals across providers is a crummy experience, but it's an improvement over the world where providers held the data hostage and had zero interest in accommodating your requests for it, or even the idea that you owned it.

ButlerianJihad•43m ago
The second “P” in HIPAA stands for “Privacy”
dekhn•42m ago
I wonder if that's why so many people write it as HIPPA.
SoftTalker•1h ago
HIPAA applies to healthcare professionals and providers, not ad tech companies. And race and citizenship are not personal health-related data.
malcolmgreaves•36m ago
That's not actually true. It applies to health care data. If you're a software engineer making a system that includes HIPAA-protected data, you can face individual criminal liabilities for mishandling the data.
wewtyflakes•1h ago
It should be illegal to send the data, and illegal to accept it; burn both sides of that bridge.
Eddy_Viscosity2•1h ago
Why would politicians ever pass such a law? Who do you think they work for?

update: Yeah, my bad. The point of this comment was to express my increasing cynicism at how we just keep seeing this kind of corporate behavior over and over again and how even when a tiny win is achieved on things like data collection, right to repair, ease for cancelling subscriptions, privacy, and so on and so on, they are so quickly over taken by new tactics or clawbacks/loopholes/non-enforcement of those laws. HN comments was probably the wrong place to vent and its too late to delete it.

post-it•58m ago
What's the point of this kind of comment? Have pro-citizen anti-corporate laws never been passed in the past?
wilg•56m ago
The point of the comment is to spread toxic and deadly cynicism.
traderj0e•53m ago
If you never trust anyone at all, nobody will take advantage of you, instead you'll fool yourself.
arikrahman•39m ago
And also to karma farm. Thankfully the comment is greyed out for what it is.
TheOtherHobbes•38m ago
You never see corporate media doing anything like that.
kevin_thibedeau•29m ago
Only when Congress might be embarrassed. The VPPA exists so we can't find out what videos they watch in their spare time between orgies.
tardedmeme•6m ago
So it should be as easy as buying tracking data and searching for Congressmen. We can put up license plate readers around Washington too, since that's legal.
guelo•12m ago
Very rarely. Most of the consumer protection laws were passed before Reagan in 1980. We did get the CFPB after the 2008 financial meltdown but it's been under attack ever since.
anonym29•10m ago
"Citizens" United (which allows unlimited corporate political donations by classifying them as "speech", for those out of the loop) has fundamentally changed the core incentive structures of the modern political landscape. To compare a pre-CU world to a post-CU world when it comes to matters at the intersection of corporate interests and government regulatory / legislative power is comparing apples to oranges.

We need to overturn CU if we want to be able to go back to a world where government serves people rather than multinational conglomerates.

wat10000•57m ago
Ideally because we'd vote in politicians who would do it, and vote out those who didn't.
nomorewords•51m ago
Is that even possible in the US anymore with donations and corporate backing being so important to a campaign?
applfanboysbgon•49m ago
I don't believe donations or corporate backing had anything to do with Trump, for example, winning. Trump won because he genuinely appeals to the average voting American. American voters are willingly choosing to support these politicians and all of the consequences that entails.
dgellow•46m ago
For the president election, maybe, but without corporate backing of the GOP he would have to face an adversarial congress. Or at least, that’s the hope
fn-mote•45m ago
You can believe the latter but the former ignores everything we know about the effectiveness of advertising.

And also about the targeting of swing districts.

triceratops•22m ago
Both can be true.
exe34•13m ago
To discount advertising and manipulation in this context amounts to conspiracy theory in my opinion.
wat10000•28m ago
It's possible. Ultimately the voters do make the decision, even if they can be swayed. How realistic it might be, I can't say. We certainly need a lot more engagement with the process. There are far too many people ignoring the primaries and then complaining about their lack of choice in the general.
applfanboysbgon•54m ago
They work for the people. In some countries, people actually vote for politicians that benefit the population. In other countries, people repeatedly vote for politicians despite knowing that those politicians are only interested in enriching themselves, with a track record going back decades of doing nothing but that. The problem, then, is the voters in certain countries, not the politicians.
dexterdog•42m ago
And in some countries people are only given a choice of two, neither of which benefit the population.
roughly•37m ago
Many of those countries have mechanisms by which one can express their preferences earlier in the process, ones which have been successfully used to pivot major political parties in new and unexpected directions, although those mechanisms are more complicated than just showing up at the end and whining about the results, so usually it's only motivated individuals and entities which leverage them.
grassfedgeek•21m ago
In some countries a major party has succeeded in convincing a majority of voters to vote against their self interest by leveraging "red meat" topics such as abortion, jesus and guns.
bell-cot•1h ago
I wouldn't be surprised if both are illegal. But these days, the correlation between "X is illegal" and "larger org's do not do X" just ain't what it yousta be.
idle_zealot•48m ago
My understanding is that it's legal with opt-in, but the opt-in is allowed to be confusing, opaque, and sticky, so most people "consent" without informed consideration. We really need to revisit contract law in a modern context. Call me crazy but I don't think it's reasonable that our society operates in such a way that easily 90+% of people are subject to contract terms they signed but don't know or understand.
mrguyorama•12m ago
Damn near anything in business in the US is allowed with "opt in" where the opt in is literally the scene from Charlie and the Chocolate factory, including the part where you don't get to come after the factory for your death and dismemberment as stated in 1pt font after an entire chapter of reading to dull your attention.
goda90•54m ago
Every piece of data collected should be an opt-in both for the initial collection and any sharing to a third party. There should be an explanation for why it is collected and an explanation for what features are not possible if it is not collected. It should be a violation of the law to disable a feature based on failure to opt-in for data points that aren't absolutely necessary for the operation of that feature.
traderj0e•52m ago
At least make it an explicitly protected right to lie about your race in any context. It's a lot easier to ruin a dataset than it is to hide from it.
tardedmeme•13m ago
What would happen if you just lied? I guess you wouldn't get healthcare coverage once they found out? But isn't there something in law about material damages, they'd have to prove you cost them money by choosing the wrong race?
rationalist•6m ago
Yes, but does anyone treat it as ruined, or do you get targeted for both/all races?

If someone targets black people, you're on that list; if someone targets white people, you're also on that list!

2ndorderthought•33m ago
Well the tech companies/offense contractors are probably using it to enrich the department of wars efforts. Hmm I wonder what they want health data for? Ohhh... Oh...
kevin_thibedeau•32m ago
It's a tracking pixel. They fool you into sending it.
janalsncm•18m ago
The relevant facts are that the website owner voluntarily put the tracking code on their own website, and the tracking code worked as designed.
afavour•12m ago
A technicality without a meaningful difference. Users didn't consent to sending it, nor were they aware of it.
mistrial9•1h ago
anecdata - in Berkeley CA, in the late 2010s, two individuals showed up to be in the fast-paced AD scene. One was from a former Soviet Union country, who spoke English pretty well .. and the other a woman from Columbia .. to say that both of these two were "aggressive" is an understatement. He spoke English, she was in charge of "security" .. after a very few meetups, they both formed a company for "Ad tech for Hospitals" .. it was "heavy security" they said, and therefore did not discuss any details in public. They very obviously would do "aggressive" actions to get into the business, defeat competitors, and satisfy ..clients? Who were they satisfying with the cultural norms, constantly aggressive stance, move fast and break things approach? Every single person involved had the motivation of Big Money, Now.
oarla•1h ago
Relevance?
levocardia•1h ago
The actual "sharing" was using the Meta pixel and TikTok's equivalent, presumably so the healthcare exchanges could do retargeting or similarity-based marketing to get people to sign up for health care coverage. Which, narrowly, seems like a reasonable thing to do. But of course using the pixel automatically "shares" the data with Meta/ByteDance/whoever, and they get to use it for whatever nefarious purpose they want.
fusslo•52m ago
> Nearly all of the 20 state-run health insurance exchanges in the US have added advertising trackers that transmit user activity

...why?

> State officials say they embed this technology on the exchanges to measure marketing campaigns and to advertise to people who visit their sites

What an absurdist reality we live in

> Tara Lee, a spokesperson for the Washington state exchange, said the tracker on the site was used for advertising campaigns, adding that email, phone and country identifiers were shared with TikTok.

https://www.bloomberg.com/features/2026-healthcare-advertisi...

Personally, I feel local government should not be engaging these services in this way. I don't feel that it's a wise use and that our government employees should be more protective of the public who use their services.

lava_pidgeon•47m ago
Cookie Banner isn't such a bad idea now
xp84•20m ago
Nah, it’s still stupid and pointless
downbad_•46m ago
The richest tech companies and richest men in the world got rich by invading people's privacy and selling invasive ads.
TehCorwiz•43m ago
> The richest tech companies and richest men in the world got rich by invading people's privacy and ~selling invasive ads.~

I think you mean "manipulating content algorithms to favor their viewpoints and to target individuals for maximum effect."

mcmcmc•26m ago
They got rich because people were stupid enough to think free services come without a cost.
consumer451•14m ago
If we have learned anything in recent decades, it is that we are all pretty darn stupid.
tardedmeme•4m ago
People prefer to pay with tracking data instead of money because they have lots of tracking data and not much money.
jjtheblunt•15m ago
You overlooked plain cronyism in Russia 1991 and after, for example, and actual rich people who just invested very long ago, and repetitively over time, in companies making money (not timing the stock market), like Charlie Munger and Warren Buffett.
tantalor•43m ago
> whether they provided details about whether they have incarcerated family members

Okay. That's not much of a signal, is it? This is "metadata" level of detail.

tamimio•35m ago
US isn’t a country, it’s an economic zone run by few corporates, who bribe and push law makers to pass whatever laws they like, everyone is winning except the citizens of that “country”.
deferredgrant•32m ago
This is especially bad for public services because trust is already fragile. People should not have to worry that applying for healthcare also enrolls them in a tracking graph.
xp84•18m ago
I’m more annoyed that these government healthcare marketplaces are asking people their race in the first place. Really don’t think anything should be, including job applications.
jjtheblunt•13m ago
I never (in the US) have understood why those questions include separate questions for race (seems to be like white or black or asian) and for ethnicity, including a really odd question about Latino or non Latino.

Why those questions, but no Danish vs non Danish, and so on?

dominotw•6m ago
do they ask about pre existing conditions? then prbly race also makes sense.
TallGuyShort•8m ago
I used a state (Colorado) healthcare marketplace website when I was going to take a break between jobs for a couple of months, and I feel very violated by the whole process. I entered a bunch of information to the website, knowing that the data could be expected to be shared for quotes, but I got no quote. The information didn't just flow between systems, it was just sent directly to a bunch of individuals. Instead of getting anything useful from the website, I just got told that agents would contact me, and then literally hundreds of agents were calling and texting me at all hours of the day and night for weeks. I asked one of them how to get it to stop and they said it was impossible during the government shutdown.
59percentmore•5m ago
Oh, I bet they fucking did.

That's it, that's the comment.

US healthcare marketplaces shared citizenship and race data with ad tech giants

https://techcrunch.com/2026/05/04/us-healthcare-marketplaces-shared-citizenship-and-race-data-wit...
228•ZeidJ•2h ago•78 comments

Securing a DoD Contractor: Finding a Multi-Tenant Authorization Vulnerability

https://www.strix.ai/blog/how-strix-found-zero-auth-vulnerability-dod-backed-startup
89•bearsyankees•1h ago•31 comments

Stop big tech from making users behave in ways they don't want to

https://economist.com/by-invitation/2026/04/29/stop-big-tech-from-making-users-behave-in-ways-the...
118•andsoitis•2h ago•64 comments

I am worried about Bun

https://wwj.dev/posts/i-am-worried-about-bun/
185•remote-dev•2h ago•97 comments

Talking to strangers at the gym

https://thienantran.com/talking-to-35-strangers-at-the-gym/
798•thitran•7h ago•396 comments

GameStop makes $55.5B takeover offer for eBay

https://www.bbc.co.uk/news/articles/cn0p8yled1do
530•n1b0m•9h ago•459 comments

Does Employment Slow Cognitive Decline? Evidence from Labor Market Shocks

https://www.nber.org/papers/w35117
113•littlexsparkee•3h ago•93 comments

Microsoft Edge stores all passwords in memory in clear text, even when unused

https://twitter.com/L1v1ng0ffTh3L4N/status/2051308329880719730
102•cft•1h ago•43 comments

Redis array: short story of a long development process

https://antirez.com/news/164
164•antirez•5h ago•62 comments

How Monero's proof of work works

https://blog.alcazarsec.com/tech/posts/how-moneros-proof-of-work-works
163•alcazar•5h ago•133 comments

UK Fuel Price Intelligence

https://www.fuelinsight.co.uk
111•theazureguy•4h ago•48 comments

Heat pump sales rise across Europe

https://www.pv-magazine.com/2026/05/04/heat-pump-sales-rise-17-across-europe-in-q1-as-energy-pric...
89•doener•1h ago•18 comments

Show HN: nfsdiag - a NFS diagnostic application

https://github.com/lsferreira42/nfsdiag
8•lsferreira42•2d ago•0 comments

Pomiferous: The most extensive apples (pommes) database

https://pomiferous.com/
53•Ariarule•4h ago•18 comments

Let's Talk about LLMs

https://www.b-list.org/weblog/2026/apr/09/llms/
19•cdrnsf•1h ago•5 comments

1966 Ford Mustang Converted into a Tesla with Working 'Full Self-Driving'

https://electrek.co/2026/05/02/tesla-1966-mustang-ev-conversion-full-self-driving/
53•Brajeshwar•4h ago•43 comments

Sierra Raises $950M at $15B Valuation

https://sierra.ai/blog/better-customer-experiences-built-on-sierra
39•doppp•3h ago•54 comments

Offenders sentenced up to 10 years for spying on TSMC

https://www.taipeitimes.com/News/front/archives/2026/04/28/2003856358
38•ironyman•1h ago•0 comments

Trillions in Retirement Dollars Flow into Opaque Trusts

https://www.bloomberg.com/news/features/2026-05-03/trillions-in-us-retirement-dollars-flow-into-o...
62•koolhead17•2h ago•4 comments

Newton's law of gravity passes its biggest test

https://www.science.org/content/article/newton-s-law-gravity-passes-its-biggest-test-ever
96•pseudolus•6h ago•72 comments

DHS demanded Google surrender data on a Canadian man over anti-ICE posts

https://www.wired.com/story/dhs-demanded-google-surrender-data-on-canadians-activity-location-ove...
10•HotGarbage•22m ago•0 comments

'Kitten Space Agency', the Spiritual Successor to 'Kerbal Space Program' (2025)

https://www.space.com/entertainment/space-games/kitten-space-agency-is-the-spiritual-successor-to...
55•Tomte•1h ago•19 comments

DAG Workflow Engine

https://github.com/vivekg13186/Daisy-DAG
50•blobmty•6h ago•37 comments

OpenAI, Google, and Microsoft Back Bill to Fund 'AI Literacy' in Schools

https://www.404media.co/literacy-in-future-technologies-artificial-intelligence-act-adam-schiff-m...
72•cdrnsf•3h ago•71 comments

Alberta voter list leak is a potential public safety disaster

https://globalnews.ca/news/11828244/alberta-voter-list-leak-public-safety-disaster/
79•Teever•3h ago•54 comments

Using “underdrawings” for accurate text and numbers

https://samcollins.blog/underdrawings/
340•samcollins•3d ago•125 comments

Days without GitHub incidents

https://www.dayswithoutgithubincident.com/
290•goalieca•1h ago•121 comments

Why are neural networks and cryptographic ciphers so similar? (2025)

https://reiner.org/neural-net-ciphers
99•jxmorris12•2d ago•32 comments

Texico: Learn the principles of programming without even touching a computer

https://www3.nhk.or.jp/nhkworld/en/shows/texico/
163•o4c•2d ago•13 comments

BYOMesh – New LoRa mesh radio offers 100x the bandwidth

https://partyon.xyz/@nullagent/116499715071759135
451•nullagent•1d ago•147 comments