September 16, 2021

Volume XI, Number 259

Advertisement

September 16, 2021

Subscribe to Latest Legal News and Analysis

September 15, 2021

Subscribe to Latest Legal News and Analysis

September 14, 2021

Subscribe to Latest Legal News and Analysis

FTC PrivacyCon 2020: Health Apps Area of FTC Focus Going Forward

On July 21, 2020 the FTC hosted its Fifth PrivacyCon-an event where researchers convene with FTC officials to discuss cutting-edge issues related to consumer privacy and security.  Because PrivacyCon can be a harbinger of FTC activity, CPW attended PrivacyCon and reported on various developments of interest.  Much of the focus this year was on healthcare data privacy—a particularly pertinent topic in light of the COVID outbreak.

Andrew Smith, the Director of the FTC Bureau of Consumer Protection, opened PrivacyCon with remarks on FTC’s enforcement activity this past year.  He also touched upon what might lie ahead in the future, with particular emphasis on FTC action in the healthcare arena.  [As you all at CPW probably know already, while the Department of Health and Human Services (“HHS”) Office for Civil Rights is responsible for enforcing the Health Insurance Portability and Accountability Act, the FTC has general oversight over deceptive and unfair practices.]  This past year, Smith observed, FTC has taken various enforcement actions directed at protecting consumer privacy.  This included what Smith described as “record-shattering” settlements reached against companies for privacy and security protections under various regulatory regimes, including the Fair Credit Reporting Act, the Gramm-Leach Bliley Act and the FTC Act.  Smith noted that many of these settlements included structural changes to how consumers’ and children’s data was treated.

Looking forward, Smith said the FTC would be paying increased attention to mobile health apps as consumers are increasingly relying on these tools in a variety of contexts (health trackers, sleep monitors, smoking cessation apps, diet guides, etc.).  Contract tracing brought on with the COVID outbreak has added additional complexity to this area.  Smith noted that HHS had issued rules that made it easier for consumers to access their medical records on various apps, but cautioned that “whenever data flow increases the opportunities for data compromise increase.”  Smith reiterated that the FTC would not hesitate to take action against entities that misrepresent what they are doing with consumers’ health data or put consumers’ health data at undue risk.

Smith said that the FTC’s call for papers to present at PrivacyCon this year included matters related to mobile health, interconnected devices, online ad delivery assistance, technological developments that could be a boon to consumers but also pose risks to privacy, security and equal opportunity.  Consistent with this approach, the first panel, consisting of researchers from Harvard Medical School, the University of Toronto and Elektra Labs, discussed various technology related concerns pertaining to the development of healthcare apps.  Based on the panelists’ comments, it is possible that areas of focus regarding healthcare apps could include evaluating and securing the connected sensor technologies that power health apps, as well as broader concerns related to cybersecurity, data aggregation, de-identification and informed consent.

This a fast-growing area that, in light of Director Smith’s comments, is anticipated to evolve in the near future.  

© Copyright 2021 Squire Patton Boggs (US) LLPNational Law Review, Volume X, Number 203
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Kristin L. Bryan Litigation Attorney Squire Patton Boggs Cleveland, OH & New York, NY
Senior Associate

Kristin Bryan is a litigator experienced in the efficient resolution of contract, commercial and complex business disputes, including multidistrict litigation and putative class actions, in courts nationwide.

She has successfully represented Fortune 15 clients in high-stakes cases involving a wide range of subject matters.

As a natural extension of her experience litigating data privacy disputes, Kristin is also experienced in providing business-oriented privacy advice to a wide range of clients, with a particular focus on companies handling customers’ personal data. In this...

216-479-8070
Advertisement
Advertisement
Advertisement