REGULATORY NEWS - AMERICAS FEBRUARY 1, 202311:21
By Reuters Staff
WASHINGTON, Feb 1 (Reuters) - U.S. healthcare firm GoodRx Holdings has agreed to pay $1.5 million to settle allegations that it failed to notify customers that it shared personal health information with Alphabet’s Google, Meta’s Facebook and others, the Federal Trade Commission said on Wednesday.
Under the terms of the settlement, GoodRx will be barred from sharing user health data with other companies to use for advertising.
“Digital health companies and mobile apps should not cash in on consumer’s extremely sensitive and personally identifiable health information,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, in a statement.
GoodRx, which had more than 55 million people use its website or app in the past six years, is a platform that offers drug discounts while collecting health information from users and their pharmacy benefit managers.
The settlement is the first under the FTC’s Health Breach Notification Rule, the agency said.
GoodRx promised users it would never share health information with advertisers but gave information to Google, Facebook, Criteo and others, the agency said in their complaint.
Under the settlement, the company is also required to put limits on how long it keeps personal and health information, and to publicly post the retention schedule, the agency said. (Reporting by Diane Bartz; Editing by Josie Kao)
Our Standards: The Thomson Reuters Trust Principles.
More information visit https://www.justice.gov/opa/pr/digital-healthcare-platform-ordered-pay-civil-penalties-and-take-corrective-action