GoodRx facing $1.5M fine over improper sharing of health data
By 
Kyle Brasseur2023-02-01T18:02:00
GoodRx Holdings agreed to pay $1.5 million as part of a settlement reached with the Federal Trade Commission (FTC) addressing allegations the telemedicine and prescription drug discount provider shared personal health data with third parties for advertising purposes.
GoodRx must overhaul its user consent and data retention practices as conditions of the agreement announced Wednesday by the FTC. The agency’s proposed order, which it hailed as being the first of its kind, was filed by the Department of Justice and must be approved by a federal court before taking effect.
GoodRx was faulted for misrepresenting its compliance with the Health Insurance Portability and Accountability Act (HIPAA) in addition to allegedly monetizing personal health data by sharing the information with advertising platforms including Facebook and Google.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefFTC, HHS warn hospitals over use of online tracking tech
The Federal Trade Commission and Department of Health and Human Services sent letters to approximately 130 hospital systems and telehealth providers regarding potential patient privacy violations and security risks stemming from online tracking technologies.
-
News BriefFTC warns businesses to risk assess uses of biometric technologies
Businesses that make false or unsubstantiated claims regarding facial recognition and other biometric technologies could face enforcement from the Federal Trade Commission, the agency warned in a policy statement.
-
News BriefFTC proposes BetterHelp pay $7.8M for sharing health data
The Federal Trade Commission proposed requiring online counseling service BetterHelp to pay $7.8 million as part of a settlement addressing charges it shared clients’ personal health data with Facebook, Snapchat, and other third parties for advertising purposes.
More from Regulatory Enforcement
-
News BriefFRC fines PwC, auditor combined $4.1M over 2019 work of Wyelands Bank
The U.K. Financial Reporting Council issued penalties against PwC and a former auditor over deficiencies on work related to the 2019 financial statements of now shuttered Wyelands Bank.
-
News BriefDOJ fines MORSE Corp $4.6M for lax cyber controls amid crack down on federal contractors
Yet another government contractor has been slapped with a fine by the Department of Justice for applying lax cybersecurity defenses on sensitive government data.
-
News BriefEU regulator questions 'culture of compliance' with Digital Markets Act at Apple, Google
The European Commission released its preliminary findings last week regarding Apple and Google not complying with the Digital Markets Act. It issued orders to both companies regarding their business practice and plans to release all of its findings next week.