Get Permission
The Federal Trade Commission announcement this week of a proposed health data privacy settlement with Flo Health, a fertility-tracking mobile app vendor, illustrates how the agency can play a critical role in helping ensure data not regulated under HIPAA is protected.
The Wilmington, Delaware-based app vendor has agreed to a major revamp of its privacy practices under a proposed settlement with the FTC. The commission alleged the startup company violated the FTC Act by misrepresenting to millions of women how it shared their sensitive health data with third-party analytics firms.
Under the proposed settlement, which will be finalized after a public comment period, Flo Health must get app users’ consent before sharing their health information. It also must obtain an independent review of its privacy practices.