![]() ![]() The FTC also recently announced an action against Easy Healthcare, which develops the Premom app used for period and fertility tracking. ![]() These pixels enabled both platforms to collect, analyze, and infer information about user activity, facilitating targeted advertising. The NPRM follows a series of recent enforcement actions that the FTC has brought against health technology companies such as GoodRx and BetterHelp for the unauthorized sharing of user health data through tracking pixels for marketing and advertising. Intensified Health App Privacy Enforcement The rule applies to foreign and domestic non-HIPAA covered vendors of "personal health records that contain individually identifiable health information created or received by health care providers." The HBNR specifies the timing, method, and content of notification, and in the case of certain breaches involving 500 or more people, requires notice to the media. It also requires third-party service providers to vendors of PHRs and PHR-related entities to provide notification to such vendors and PHR-related entities following the discovery of a breach. ![]() The HBNR requires vendors of personal health records (PHRs) and PHR-related entities to notify individuals, the FTC and, in some cases, the media of a breach of unsecured PHR identifiable health information. Consistent with the FTC's September 2021 policy statement and recent enforcement actions, the proposed changes would revise the HBNR to apply to most health and wellness apps and to require breach notification in almost any instance in which a consumer's identifiable health data is disclosed without their authorization (such as unauthorized disclosures to advertising platforms). While the HBNR began as a breach notification rule seemingly focused on a narrow set of applications that store medical records on behalf of consumers, the NPRM continues the FTC's path toward turning the rule into a means of imposing privacy and breach notification restrictions on virtually all health and wellness apps. The FTC released a Notice of Proposed Rulemaking (NPRM) to introduce changes to the Health Breach Notification Rule (HBNR). ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |