HIA’s Brett Meeks was interviewed by Inside Health Policy about two GOP commissioners’ arguments that the Federal Trade Commission overstepped its legal authority in late April when it broadened its Breach Notification Rule to cover personal health information not covered by the Health Insurance Portability and Accountability Act.
Brett Meeks, executive director of Health Innovation Alliance, told Inside Health Policy the commission’s recent BetterHelp rulings make clear that FTC’s prior authority was sufficient in protecting consumer health data.
Last July, FTC fined the online mental health company BetterHelp $7.8 million and ordered it to undertake 20 years of remedial actions following FTC’s allegations in March that the company shared protected customer information with third parties without the customer’s affirmative consent.
“[FTC] didn’t need to update the rule, they chose to because they wanted to go bigger,” Meeks said.
Meeks also noted that since the agency’s 2021 statement warning health apps must comply with the Health Breach Notification Rule, there have been partisan tensions within the agency on how to best move forward on health data privacy.