Web Tracker Monitoring
Last updated
Was this helpful?
Last updated
Was this helpful?
Freshpaint gives you visibility into the trackers installed across your website, so you can more quickly make the decisions that keep you HIPAA-compliant.
Services such as Google Analytics and Facebook Advertising ask their clients to install software on their websites. You may have added the Google Tag or the Facebook Pixel to your site - those are both examples of Web Trackers. For HIPAA-covered entities, Web Trackers can pose a big risk to the extent that they facilitate sharing PHI from your site with unauthorized third parties.
Freshpaint delivers a weekly report to your inbox with information about new trackers installed. To set up your weekly reports, read our .
Freshpaint’s weekly report shows you installed trackers and provides you a complete list of the pages they’re installed on so you can better assess whether they could be sharing PHI.
Freshpaint provides context about the highest risk trackers identified to help you know where to start your audit.
Freshpaint guides you towards HIPAA compliance by presenting different options to resolve each tracker found on your site. The describes the different resolution types and how to proceed with them.
Upload your BAA for each tool on your site. You won't need to wonder whether your organization has a BAA in place, and you won't have to search to find the document.
Freshpaint scans your entire site by starting from the home page and following links to explore from there. We will explore all pages on the site including subdomains. For example, we would follow a link from example.com to my.example.com.
For each page, we keep track of which third party tools may be collecting PHI.
We'll send you an initial report of all of the trackers we find on your site. Each week, we'll re-scan your site and notify you of any new trackers that have been added.
The first tab provides you a list of the trackers we were able to identify.
We provide context and descriptions where we can (this will get better over time) about each tracker and assign a level of HIPAA compliance risk.
The additional tabs show you all the pages each tracker is installed on.
Highest: Shares PHI, does not offer BAAs, and Freshpaint offers a HIPAA-compliant replacement
High: Shares PHI and does not offer BAAs or might not offer BAAs
Medium: Shares PHI but supports signing BAAs
Low: Does not share PHI, or you need to sign a BAA to work with them
Unknown: Freshpaint has not assessed the risk of this tracker
You can also view the latest Web Tracker Report for your site in the Freshpaint app by navigating to "Monitoring" -> "Web Trackers" in the left sidebar.
You can view the full list of trackers installed on your site, along with their respective risk levels. You can also click to view a detailed page for each tracker.
Click the "Settings" icon in the Web Tracker Manager lets you customize your scan. You can use this to exclude certain pages from the scan. For example you might want to exclude the "careers" portion of your site since that would not risk exposing the user's health information.
Specify a list of patterns. If any of these patterns are found in a URL, Tracker Monitoring will skip that page. For example, excluding "/careers" will skip all pages containing that path such as https://freshpaint.io/careers, https://freshpaint.io/careers/new-job.
The URL to the home page of the site that you need to monitor
The email address(es) where Freshpaint can send the reports
It may take up to one week to generate the initial report for your site.
Your site may have a firewall to prevent bots. We recommend contacting your organization's IT team and asking them to ensure that Freshpaint is able to scan your site. You can send them the following message:
Freshpaint is working with your marketing and compliance teams to help with your organization's HIPAA compliance. We are setting up web tracker monitoring for your site, and we want to make sure we will not be blocked or rate-limited by your bot detection / firewall.
Could you please allowlist Freshpaint's IP address 35.162.70.108 so that we are able to scan the site?
For context, we plan to crawl the entire site, including subdomains, about once per week. There may be additional crawls occasionally, particularly while we're first setting up the monitoring.
Once you have your report, read our for best practices on keeping your site HIPAA-compliant. to learn more about the different options to mitigate a tracker's risk, and then login to the Freshpaint UI to mark trackers as resolved for various reasons.
On a tracker's detailed page, you can choose ; you can also add arbitrary notes about a tracker, or upload a BAA if you already have a signed BAA with the provider.
Freshpaint customers can set up Web Tracker Monitoring by contacting . Please provide the following information:
Please feel free to reach out to with any questions.