FTC Tells Health Apps The Need to Tell Consumers Of Data Breaches

The Federal Trade Commission (FTC) has stated health apps and connected devices must comply with the Health Breach Notification Rule, making it so they must notify users when data is breached, according to a press release.

The FTC stated health apps and wearables, with the ability to track glucose levels, heart health, fertility, and sleep, have been attracting more sensitive personal data for some time now, per the release. Because of that, the apps have a responsibility to make sure the data is secure. That includes making sure unauthorized data access can’t happen.

In the American Recovery and Reinvestment Act of 2009, Congress enacted specific rules for the FTC to make sure customers are contacted in the case of a security breach, according to the release. After that, the FTC enacted the Health Breach Notification Rule, making it so vendors of personal health records and other entities have to notify customers, the FTC and occasionally the media when data is acquired without customer permission.

Now, health apps and other connected devices which collect personal data have become mainstream. But even so, the pandemic has seen an increase in scammers, hacks and other types of cybercrimes, and privacy protections haven’t caught up, the release stated.

Want more news? Subscribe to CPI’s free daily newsletter for more headlines and updates on antitrust developments around the world.