Meta crack down on health data

Health Data Privacy: A Win for Individuals, A Wake-Up Call for Businesses

By Braham Shnider

Meta’s latest move to restrict advertisers from using personal health data is making waves. The platform is limiting access to data tied to consumer health behaviours, affecting industries that rely on health-related targeting—such as supplements, skincare, and medical services.

The real issue isn’t about advertising—it’s about trust.

What This Signifies for Organisations Handling Health Data

For organisations managing employee health data, the stakes are even higher. Whether it’s pre-employment health checks, ongoing surveillance, or injury and claims management, organisations must take proactive steps to secure their health data ecosystems.

Meta’s restrictions highlight a broader industry shift:
Health data collection must be transparent and well-governed.
Data security isn’t just about compliance—it’s about trust.
Businesses must ensure personal health data is never misused or exploited.

The Risks of Poor Health Data Security

Meta’s decision underscores the potential for misuse when health data is collected without stringent safeguards. This issue extends far beyond online advertising. Without robust security, organisations risk a breach of their employees’ health data which could have significant implications including:
Regulatory action, as data privacy laws tighten worldwide.
Reputational and Brand Risk, damaging shareholder value
Loss of employee trust, damaging workplace culture and engagement.

What Organisations Can Do Now

This update serves as a wake-up call for organisations that collect and aggregate health data at scale. Whether in advertising or workplace health, the responsibility remains the same: data privacy should be built in, not bolted on.

At My Occ Health Record, security is a founding principle, which is why we’ve achieved IRAP accreditation, the highest level of Australian Federal Government certification, ensuring that health data is managed with the highest level of security.

This is a fundamental shift in how personal health data is handled. It begs the question, are organisations ready?

Is Your Employee Health Data Being Stored Securely?

This policy update is part of a broader conversation about how health data is used and protected. For full context, I’ve included the original Marketingbrew.com article below, published 10-December-2024.

For more information about My Occ Health Record approach to data security, contact our team.

______________________________________________________________________

Original Article Below: Meta plans crackdown on health-related user data

The changes, which come amid ongoing scrutiny of Meta ad tools, could be “catastrophic” for certain advertisers, one marketer said.

By Ryan Barwick

Starting next year, Meta plans to limit certain advertisers’ access to health-related data that could affect how everything from vitamins and supplements to acne treatments and Botox injections are marketed on the platform.

The plans, contained within a lengthy update to Meta’s advertising policy released last month, detail how the platform plans to limit or entirely restrict advertiser access to data that falls into specific categories like health and wellness, financial services, and politics. The new policy is scheduled to go into effect in January, nearly two years after advertisers using Meta’s ad tools faced scrutiny from the federal government for allegedly sharing users’ sensitive health information with the platform.

The changes could prevent advertisers from being able to access some kinds of data tied to consumers’ online activity, like the purchases they’ve made or the items they’ve placed in their online shopping carts. Those can be crucial data points for advertisers who are increasingly relying on Meta’s AI-powered advertising tools to find potential customers.

Advertisers told Marketing Brew that they had heard little from Meta directly about the full effects of the policy changes, and they described the policy changes as “vague” and “fairly ambiguous.” Beyond that, one described the timing of the announcement as “tone-deaf” amid the busy holiday shopping season.

Regardless, advertisers are working to understand how the updates will affect them—and are bracing for impact.

In a statement to Marketing Brew, Meta spokesperson Thomas Richards said that the company had recently started informing advertisers about the new data restrictions “to help prevent advertisers from sharing sensitive information through Meta Business Tools.”

“These changes,” he added, “are part of our ongoing efforts to help ensure that we don’t receive information not allowed under our Meta Business Tool Terms.”

Into the weeds

According to the new policy language, Meta “may restrict the sharing of specific mid- and lower-funnel events” and in some cases could make “campaign optimization” tools nonfunctional.

In this case, the events in question could be shopping-cart activity or prior purchases—or, in other words, the kind of data that many DTC advertisers have come to rely on when running advertising campaigns on Instagram and Facebook.

Barry Hott, a marketing consultant and owner of Hott Growth, an agency that represents clients including the women’s supplement company Happy V, said that the full restrictions could spell disaster for certain advertisers using Meta’s tools.

“If we lost the ability to optimize for a purchase event, that would be catastrophic,” he told Marketing Brew.

Buyers told us that they are not entirely clear on how Meta plans to determine which advertisers fall under the health and wellness category and which brands could face additional restrictions.

According to a memo a Meta representative shared with an advertiser that Marketing Brew reviewed, the “health and wellness” data source category is defined as “associated with medical conditions, specific health statuses or provider/patient relationship.” According to the memo, data linked to vitamins that claim to help with specific medical conditions like arthritis” could face additional restrictions, while data associated with vitamin products that are “not specifically marketed for a medical condition” might not.

Similarly, data linked to skin-care products that treat skin conditions like acne could face restrictions, as could Botox injections for medical purposes, like treatment of migraines, while Botox for cosmetic purposes might not, according to the memo.

Richards declined to comment on the specifics of the memo shared with Marketing Brew.

Based on the updated policy, advertisers using more flexible language, like claims that a product “supports digestion or boosts energy or relieves stress,” could fall into a bit of a gray area, according to Will Sartorius, CEO of the agency SelfMade, which has worked with brands like the hair-loss treatment brand Keeps and RXBar.

Richards declined to share details about how Meta plans to categorize advertisers but advised advertisers to “review the categories assigned to their data sources in Meta Events Manager to confirm they are appropriately categorized.” If they believe a data source has been miscategorized, he added, “advertisers can ask for a review.”

Backing off

In recent years, Meta has taken steps to roll back the ways that advertisers can target customers. In 2022, the company began blocking advertisers from targeting phrases like “same-sex marriage” and “chemotherapy.” But those past changes, which block phrases, have not gone as far as these new restrictions, which will prevent certain data from being collected in the first place.

Meta has come under increased scrutiny for its advertising tools, especially its tracking pixel, a piece of code that advertisers can place on their websites to track customers’ online behavior, which is then shared with Meta to make advertising campaigns more efficient.

Last year, The Federal Trade Commission brought cases against BetterHelp and GoodRx for allegedly sharing users’ sensitive data with platforms including Meta through the use of tracking pixels. In June the FTC and the Department of Health and Human Services warned telehealth providers and hospital systems about the potential dangers of using tracking pixels on their websites.

Sartorius compared the impending loss of signal for the health and wellness category to that of Apple’s iOS 14.5 update in 2021 that, at least temporarily, crushed Meta’s advertising business.

Some buyers are looking at alternatives in the event that the changes do affect themIf restrictions are placed on his clients, Sartorius said he would look to other platforms, like the mobile app–focused platform AppLovin.

“Brands have money that they want to spend on advertising,” he said. “They’re not going to want to save that for a rainy day.”

About My Occ Health Record

My Occ Health Record is a next-generation occupational health platform that delivers better health outcomes by centralising and securing workforce health data.
It revolutionises the industry by connecting organisations, providers, and employees through a real-time, single source of truth, ensuring compliance with industry regulations.
Built for industries with complex workforce health needs, such as mining, construction, and logistics. My Occ Health Record enables organisations to streamline employee health surveillance, pre-employment assessments, and injury claims management.
With automation and real-time analytics, My Occ Health Record helps businesses proactively manage workforce health, reduce downtime, and drive operational efficiency. Contact us to find out more.

Contact Us Today

MOHR empowers your management team, your employees and your health providers, to achieve better health outcomes through the centralisation of data. ​