Comment on page
Web Tracker Monitoring
Freshpaint gives you visibility into the trackers installed across your website, so you can more quickly make the decisions that keep you HIPAA-compliant.
Services such as Google Analytics and Facebook Advertising ask their clients to install software on their websites. You may have added the Google Tag or the Facebook Pixel to your site - those are both examples of Web Trackers. For HIPAA-covered entities, Web Trackers can pose a big risk to the extent that they facilitate sharing PHI from your site with unauthorized third parties.
Freshpaint’s weekly report shows you installed trackers and provides you a complete list of the pages they’re installed on so you can better assess whether they could be sharing PHI.
Freshpaint provides context about the highest risk trackers identified to help you know where to start your audit.
Freshpaint scans your entire site by starting from the home page and following links to explore from there. We will explore all pages on the site including subdomains. For example, we would follow a link from example.com to my.example.com.
Freshpaint is not able to monitor web trackers on the portions of websites that require the user to log in, such as a patient portal.
For each page, we keep track of which third party tools may be collecting PHI.
We'll send you an initial report of all of the trackers we find on your site. Each week, we'll re-scan your site and notify you of any new trackers that have been added.
It may take up to one week to generate the initial Web Tracker Report for your site
The first tab provides you a list of the trackers we were able to identify.
We provide context and descriptions where we can (this will get better over time) about each tracker and assign a level of HIPAA compliance risk.
The additional tabs show you all the pages each tracker is installed on.
You can also view the latest Web Tracker Report for your site in the Freshpaint app by navigating to "Monitoring" -> "Web Trackers" in the left sidebar.
Navigating to the Web Tracker Manager
You can view the full list of trackers installed on your site, along with their respective risk levels. You can also click to view a detailed page for each tracker.
We will be adding more features in the coming months to the Web Tracker Manager UI to help you manage your risk exposure and maintain HIPAA compliance.
- 1.The URL to the home page of the site that you need to monitor
- 2.The email address(es) where Freshpaint can send the reports
It may take up to one week to generate the initial report for your site.
Your site may have a firewall to prevent bots. We recommend contacting your organization's IT team and asking them to ensure that Freshpaint is able to scan your site. You can send them the following message:
Freshpaint is working with your marketing and compliance teams to help with your organization's HIPAA compliance. We are setting up web tracker monitoring for your site, and we want to make sure we will not be blocked or rate-limited by your bot detection / firewall.Could you please allowlist Freshpaint's IP address 126.96.36.199 so that we are able to scan the site?For context, we plan to crawl the entire site, including subdomains, about once per week. There may be additional crawls occasionally, particularly while we're first setting up the monitoring.