Healthcare organizations resolve privacy litigation to mitigate risks amid increased examination of tracking technologies

Pomona Valley Hospital Medical Center has reached a $600,000 settlement in a class-action case that accused the hospital of improperly using Facebook Pixel and similar tracking tools on its public website, which may have breached California privacy regulations, according to

. The agreement, made public in late 2025, applies to California residents who accessed the hospital’s website and signed into its patient portal from January 1, 2019, through December 31, 2022, as noted by . While the hospital maintains it did nothing wrong, it chose to settle to avoid the expense and uncertainty of extended legal proceedings.

The case, Warren v. Pomona Valley Hospital Medical Center, was initiated in March 2023 in Los Angeles County Superior Court. Plaintiffs claimed the hospital’s use of Facebook Pixel—a tracking tool that monitors user activity—amounted to unlawful interception of communications under the California Invasion of Privacy Act (CIPA) and other laws. The tracking technology, used to study website usage and deliver targeted ads, allegedly gathered confidential information from portal logins without users’ clear consent.

According to the settlement, qualifying class members will receive a share of the fund after deducting administrative expenses, legal fees (up to $200,000), and a service payment for the lead plaintiff (up to $3,500). These payments will be sent automatically by check or electronic transfer, and recipients do not need to take any action unless they wish to opt out. The hospital will identify eligible individuals using its own records.

Important dates include a December 9, 2025, deadline to opt out or object to the settlement, with a final approval hearing scheduled for January 26, 2026. If the settlement is finalized, payments will be made after any appeals are resolved. The hospital’s privacy policy states it gathers non-personal details such as IP addresses and browser types for internal use, and that sensitive data is encrypted during transmission.

This lawsuit underscores the increasing legal focus on third-party tracking technologies in the healthcare sector. A federal judge in California recently encouraged state legislators to clarify how laws like CIPA should apply to tools like Meta’s Pixel, describing the current legal situation as “a mess.” The hospital’s settlement reflects a wider movement in privacy litigation, where organizations are more frequently settling claims to avoid damage to their reputation and financial losses.