The Federal Trade Commission (FTC) hardens data security rules for health apps and devices

FTC says it will fine dig­i­tal health com­pa­nies that don’t dis­close data breach­es (mobi­health­news):

With data breach­es on the rise, the FTC is look­ing to make health apps more account­able for telling patients when their data has been exposed.

The FTC released a new state­ment spec­i­fy­ing that all health apps that cap­ture sen­si­tive patient infor­ma­tion noti­fy users, the com­mis­sion itself and in some cas­es the media when a secu­ri­ty breach has com­pro­mised iden­ti­fi­able health data. If the com­pa­ny fails to do so it could face a fine of $43,792 per day of violation.

The rul­ing is actu­al­ly more than ten years old, but accord­ing to the FTC state­ment, it was nev­er enforced and was mis­un­der­stood by many com­pa­nies. The rul­ing includes ven­dors of per­son­al health records (PHR) and PHR-relat­ed func­tions, which draw infor­ma­tion from mul­ti­ple sources.

This new state­ment spec­i­fies that apps which draw infor­ma­tion from mul­ti­ple out­lets (i.e. ones that pull in wear­able data through an API and also col­lects user input) are now sub­ject to this rul­ing. The com­mis­sion said that apps that “track dis­eases, diag­noses, treat­ment, med­ica­tions, fit­ness, fer­til­i­ty, sleep, men­tal health, diet and oth­er vital areas.”

The Announcement:

FTC Warns Health Apps and Con­nect­ed Device Com­pa­nies to Com­ply With Health Breach Noti­fi­ca­tion Rule (press release):

The Fed­er­al Trade Com­mis­sion today issued a pol­i­cy state­ment affirm­ing that health apps and con­nect­ed devices that col­lect or use con­sumers’ health infor­ma­tion must com­ply with the Health Breach Noti­fi­ca­tion Rule, which requires that they noti­fy con­sumers and oth­ers when their health data is breached … The Rule ensures that enti­ties not cov­ered by the Health Insur­ance Porta­bil­i­ty and Account­abil­i­ty Act (HIPAA) face account­abil­i­ty when con­sumers’ sen­si­tive health infor­ma­tion is breached.

Full state­ment avail­able HERE (opens PDF)

News in Context:

About SharpBrains

SHARPBRAINS is an independent think-tank and consulting firm providing services at the frontier of applied neuroscience, health, leadership and innovation.
SHARPBRAINS es un think-tank y consultoría independiente proporcionando servicios para la neurociencia aplicada, salud, liderazgo e innovación.

Top Articles on Brain Health and Neuroplasticity

Top 10 Brain Teasers and Illusions


Subscribe to our e-newsletter

* indicates required

Got the book?