On March 2, 2023, the FTC announced a proposed order against BetterHelp, Inc., an online mental health counseling service, for sharing consumer data, including sensitive mental health information, with third parties for targeted advertising and other purposes.
Continue Reading FTC Announces Proposed Order against BetterHelp for Disclosing Sensitive Mental Health Information to Third Parties for Targeted Advertising Purposes

On February 10, 2023, an Illinois federal district court ordered the dismissal of a putative class action lawsuit alleging that an online tool that allowed users to virtually try on sunglasses violated the Illinois Biometric Privacy Act.
Continue Reading Illinois Federal Court Rules that BIPA Health Care Exemption Applies to Sunglasses Virtual Try-On Tool

On February 1, 2023, the Federal Trade Commission announced that it entered into a proposed order with GoodRx, a telehealth and prescription drug discount provider, for violations of the FTC’s Health Breach Notification Rule stemming from GoodRx’s unauthorized disclosures of consumers’ personal health information to third party advertisers and other companies.
Continue Reading GoodRx to Pay $1.5 Million in First Ever FTC Health Breach Notification Rule Enforcement Action

On December 1, 2022, the Office for Civil Rights at the U.S. Department of Health and Human Services released a Bulletin on the obligations of HIPAA covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules when using online tracking technologies.
Continue Reading HHS Releases Bulletin on Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates