FTC broadens health breach notification rule to include apps
Healthcare DIVE April 29, 2024
Regulators have been pursuing more enforcement actions against health apps sharing consumers’ data. Friday’s final rule should give those actions more heft.
Dive Brief:
- The Federal Trade Commission solidified data breach reporting requirements on healthcare applications in a Friday final rule, with the goal of stopping companies from trafficking potentially sensitive medical information.
- The Health Breach Notification Rule requires companies holding personal health information to notify regulators, consumers and in some cases the media when that data is breached, and allows regulators to fine bad actors. The new final rule clarifies that it applies to health apps, and expands the information those covered entities need to disclose in event of a breach.
- The FTC first warned health apps that...