FTC warns connected device orgs: Comply with breach rule, or pay up

Healthcare IT News

Kat Jercich

The agency also extended its statement to health apps, noting that there are still too few privacy protections for them.

The U.S. Federal Trade Commission issued a policy statement this week confirming that connected devices and health apps that use or collect consumers’ health information must notify users and others when that data is breached.

Failure to comply, the agency said, could result in a penalty of up to $43,792 per violation per day.

“As many Americans turn to apps and other technologies to track diseases, diagnoses, treatment, medications, fitness, fertility, sleep, mental health, diet, and other vital areas, this rule is more important than ever,” wrote the commission in its policy statement.


Get the Morning Update

Thanks for subscribing!