February 5, 2023

Volume XIII, Number 36

Error message

  • Warning: Undefined variable $settings in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
  • Warning: Trying to access array offset on value of type null in include_once() (line 135 of /var/www/html/docroot/sites/default/settings.php).
Advertisement

February 03, 2023

Subscribe to Latest Legal News and Analysis

February 02, 2023

Subscribe to Latest Legal News and Analysis

Mobile Health Apps and the FTC’s Health Breach Notification Rule: New Enforcement Initiative Coming

Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records, track and store health data, and check symptoms. App developers have always needed to be mindful of protecting the privacy of the information that is shared in a mobile health app but recent guidance from the Federal Trade Commission (FTC) signals that the FTC intends to make compliance with its breach notification rule and enforcement a priority.

Last fall the FTC issued a policy statement to clarify that its Health Breach Notification Rule (Rule) “helps to ensure that entities… not covered by the Health Insurance Portability and Accountability Act (HIPAA) nevertheless face accountability when consumers’ sensitive health information is compromised.” The statement acknowledged that the Rule was issued over a decade ago, but that the “explosion” in health apps makes it important now. The Rule requires certain app vendors to notify consumers, the FTC and in some cases, the media if there is a breach of unsecured identifiable health information. Failure to comply with the Rule could result in civil penalties of $43,792 per day. The FTC website contains helpful information that offers tips for app developers, along with a mobile health app interactive tool to assist in determining which federal laws might apply.

Copyright © 2023 Robinson & Cole LLP. All rights reserved.National Law Review, Volume XII, Number 13
Advertisement
Advertisement
Advertisement

About this Author

Our lawyers are knowledgeable about data collection technology, including the use of cookies. We also understand the value of collecting and using data for marketing and other strategic purposes.

We are well versed in data breach response, remediation, coordination, and litigation, including investigations by the U.S. Office of Civil Rights and state AGs.

We actively attend and speak at FTC, state AG, and industry-sponsored workshops and programs on data privacy and security developments, cases, trends, and agendas. We...

401.709.3353
Advertisement
Advertisement
Advertisement