Medical world pays insufficient attention to privacy

Medical world pays insufficient attention to privacy

23-01-2019 13:51:28


Half the hospitals uses Google Analytics

Ede, January 23, 2019 – Research by BIT amongst 73 Dutch hospitals has shown that they do not privacy issues as seriously as they should. The data centre checked the websites of these organisations for use of TLS, DNSSEC, IPv6 and Google Analytics. Out of all the hospitals that were reviewed for this research, there was only one that met the aforementioned internet standards. And still, this party uses Google Analytics which means that the privacy is still not guaranteed.

A safe website?

The medical world has taken steps in regard to internet protocols. Out of the reviewed hospitals, 60 percent makes insufficient or even no use of TLS, or the HTTPS (HyperText Transfer Protocol Secure). This protocol secures transport on the internet. A part of the organisations does operate with HTTPS on their websites, but has not fully configured it. Almost half (49%) uses no DNSSEC, which can prevent referrals to fake websites.

Use of Google Analytics

Almost half (49%) of the hospitals uses Google Analytics. Alex Bik, CTO at BIT: “It is very noticeable that almost half of the reviewed hospitals uses Google Analytics. As a consumer you should be able to expect that the medical world is especially careful with privacy issues, but this appears not to be the case. By using Goole Analytics, data is shared with Google. Because many websites do this, Google can compose a detailed profile of the user in question. If you have a Google account, the company know who you are. That also goes for when you are no longer logged on. Especially in the case of hospitals and health insurers, this is a problem, since we can assume that internet pages on, for example, pregnancy or STDs are not idly visited.”

Visit for tips and tricks to contribute to a safe and clean internet.