Lexology February 8, 2023
Frankfurt Kurnit Klein & Selz PC

GoodRx, a popular drug discount website and application used by millions of Americans, entered into a $1.5 million settlement with the Federal Trade Commission for allegedly unfairly and deceptively sharing users’ personal health information with advertisers, including Facebook and Google. According to the FTC, GoodRx’s data handling practices violated both Section 5 of the FTC Act, and, in a “first of its kind” action, the 2009 Health Breach Notification Rule (HBNR), which requires vendors of personal health records to report data breaches, even if neither the entity nor the data in question is subject to HIPAA. The case highlights the growing concerns over the sharing of personal health information and the FTC’s increased efforts to regulate companies in the digital...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HIPAA, Patient / Consumer, Pharma, Pharma / Biotech, Privacy / Security
Related Articles:
Patient Privacy at Risk: The Hidden Flaws in Healthcare Data De-Identification (And How to Fix Them)
New privacy screen protectors launched to help practices stay HIPAA compliant
2024 Privacy, AI & Cybersecurity Year in Review
European Commission Withdraws Draft Rules on Technology Patents, AI Liability and Consumer Privacy
EU pulls back – for the moment – on privacy and genAI liability compliance regulations

Share This Article