The news: The Federal Trade Commission (FTC) fined GoodRx $1.5 million in civil penalties for sharing its customers’ health information with third parties such as Facebook, Google, and Criteo for advertising purposes.
Digging into the violation: The FTC claims GoodRx repeatedly violated its promise that it wouldn’t share personal health information with advertisers or other third parties.
First, but not last: This is the first time the FTC has charged any company with violating the Health Breach Notification Rule (HBNR), which has been on the books since it took effect in September 2009. But this is only the beginning.
Our take: Government oversight on digital health company practices is here to stay. The FTC took years to act, but several states have enacted strict laws around the privacy of personal health information.
This article originally appeared in Insider Intelligence's Digital Health Briefing—a daily recap of top stories reshaping the healthcare industry. Subscribe to have more hard-hitting takeaways delivered to your inbox daily.