GoodRx facing $1.5M fine over improper sharing of health data
By 
Kyle Brasseur2023-02-01T18:02:00
GoodRx Holdings agreed to pay $1.5 million as part of a settlement reached with the Federal Trade Commission (FTC) addressing allegations the telemedicine and prescription drug discount provider shared personal health data with third parties for advertising purposes.
GoodRx must overhaul its user consent and data retention practices as conditions of the agreement announced Wednesday by the FTC. The agency’s proposed order, which it hailed as being the first of its kind, was filed by the Department of Justice and must be approved by a federal court before taking effect.
GoodRx was faulted for misrepresenting its compliance with the Health Insurance Portability and Accountability Act (HIPAA) in addition to allegedly monetizing personal health data by sharing the information with advertising platforms including Facebook and Google.
Related articles
-
News BriefFTC, HHS warn hospitals over use of online tracking tech
The Federal Trade Commission and Department of Health and Human Services sent letters to approximately 130 hospital systems and telehealth providers regarding potential patient privacy violations and security risks stemming from online tracking technologies.
-
News BriefFTC warns businesses to risk assess uses of biometric technologies
Businesses that make false or unsubstantiated claims regarding facial recognition and other biometric technologies could face enforcement from the Federal Trade Commission, the agency warned in a policy statement.
-
News BriefFTC proposes BetterHelp pay $7.8M for sharing health data
The Federal Trade Commission proposed requiring online counseling service BetterHelp to pay $7.8 million as part of a settlement addressing charges it shared clients’ personal health data with Facebook, Snapchat, and other third parties for advertising purposes.
More from Regulatory Enforcement
-
ArticleFormer startup CEO gets 7 years in prison for $175M fraud against JPMorgan Chase
Charlie Javice, a former CEO who duped JPMorgan Chase into purchasing her start up company for $175 million, has been ordered to forfeit more than $22 million by the Department of Justice (DOJ) and to spend 7 years in jail.
-
ArticleGeorgia Tech to pay $875,000 for allegations brought by compliance officers
Georgia Tech Research Corp. (GTRC) has agreed to pay $875,000 to settle allegations first raised by two compliance officers that its cybersecurity protocols violated acceptable standards for defense contractors, the Department of Justice (DOJ) said.
-
ArticleTractor Supply Company hit with $1.35M fine for alleged California privacy violations
Tractor Supply Company has agreed to get into compliance with California’s consumer privacy law and to pay a $1.35 million fine—the largest yet by California—to settle allegations it violated the privacy rights of customers and job applicants.