Skip to main content
photo of telehealth video call

Ro Telehealth Data Tracking & privacy Investigation

The Lyon Firm is investigating Ro telehealth websites for potential data tracking technology, and health privacy violations.

According to a recent investigation published on The Markup website, popular telehealth websites, including Roman have allegedly been using data tracking tools, and sharing users’ medical and personal information to Facebook and other big tech companies.

This private information on telehealth websites (Roman, Ro) is often shared with tech companies with the use of tracking code and without user consent.

The Markup reported that 49 direct-to-consumer telehealth companies had a third-party tracking code on their site, with the potential to share data with third parties. The study follows another privacy report that revealed many healthcare systems in the U.S. using tracking code on their web portals.

In many cases, user answers to medical questionnaires regarding health conditions, medical histories, and drug use were sent to big tech firms. Dozens of the telehealth websites shared email addresses, phone numbers, and full names.

Collected information from some websites is sent to Meta, Google, TikTok, Bing, Snap, Twitter, LinkedIn, and Pinterest, possibly for the future use in targeted advertising.

Ro is a website geared toward patients seeking treatments for erectile dysfunction, weight loss, skincare, mental health, fertility, and hair loss.

In response to the investigation, a spokesperson from Ro released this statement:

“We are strongly committed to creating a safe place for our patients to access and receive care, which requires protecting patient privacy and complying with applicable laws and regulations. While we are not a HIPAA Covered Entity as we are an all-cash pay business, we nonetheless undertake serious efforts to protect our patients’ health information. We maintain and adhere to an up-to-date and comprehensive Privacy Policy for our patients. Additionally, we have a Data Subject Access Request program that allows our patients to exercise their rights to opt-out and exercise data deletion consistent with state laws. We continually evaluate our practices and follow the evolving legislative and regulatory landscape to ensure the appropriate protection of patient health information.”

If you have reason to believe your personal information has been compromised by any telehealth company, contact the Lyon Firm to discuss your personal privacy and potential legal action.