The U.S. Federal Trade Commission adopted a policy statement confirming health applications and connected devices that collect or use consumers’ health information must notify them in the event of a data breach in compliance with the Health Breach Notification Rule. FTC Chair Lina Khan said while the rule “imposes some measure of accountability on tech firms that abuse our personal information,” there are not enough privacy protections for health apps and connected devices. Companies that do not comply could be fined up to $43,792 per violation per day.
16 Sept. 2021
FTC affirms health apps must comply with Health Breach Notification Rule
RELATED STORIES
Privacy in Arkansas: Is Arkansas ready for a consumer privacy law?
A view from DC: CFPB calls for states to regulate financial privacy
Notes from the IAPP Canada: OPC's WADA investigation 'raises some interesting issues'
A view from Brussels: European Commission's new tech policy center of gravity
First fine imposed under Thailand's Personal Data Protection Act
