The Federal Trade Commission (FTC), the US agency responsible for enforcing competition and consumer protection law, has one Policy statement September 15th on Health Apps. It should offer more security for the medical data of its users.
A necessary update from the FTC
The Declaration of Principles was passed by three votes to two, three Democrats, two Republicans. It aims to complete an already existing rule. The Health Injury Notification Policy was introduced in 2009. Their goal is to force any company dealing with medical files to notify their users if their data is viewed without their permission.
Epic Games vs. Apple, but who won the match in the end?
An update was necessary. Since 2009, the popularity of health applications has exploded, even more so with the Covid pandemic and more and more connected devices collecting medical data. In the United States, their users weren’t necessarily informed when their data was in the wild.
In its statement, the FTC states: ” With many Americans using apps and other technology to track illnesses, diagnoses, treatments, medications, fitness, fertility, sleep, mental health, diet, and more, this rule is more important than ever “.
Medical data is precious and the target of many hackers, this summer in France the hospitals of Paris became the victim of a massive theft. For the President of the FTC, Lina Khan, applications and other devices in the field ” too often not investing in privacy and data security “.
Beware of the commodification of health data
However, the statement released on September 15 goes beyond cybersecurity issues. The voluntary disclosure of application data to third parties, advertisers or others without notifying the user is also a criminal offense. For the President of the FTC this is a ” more fundamental problem “Again that” Commercialization of Sensitive Health Information “.
The American agency threatens recalcitrant applications with a fine of $ 43,792 a day. And beware of those who plan to slip through the cracks, the agency has already warned they would apply the rule ” powerful “.