U.S. healthcare firm GoodRx Holdings has agreed to pay $1.5 million to settle allegations that it failed to notify customers that it shared personal health information with Alphabet’s Google, Meta’s Facebook and others, the Federal Trade Commission said on Wednesday.
Under the terms of the settlement, GoodRx will be barred from sharing user health data with other companies to use for advertising.
“Digital health companies and mobile apps should not cash in on consumer’s extremely sensitive and personally identifiable health information,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, in a statement.
GoodRx, which had more than 55 million people use its website or app in the past six years, is a platform that offers drug discounts while collecting health information from users and their pharmacy benefit managers.
GoodRx promised users it would never share health information with advertisers but gave information to Google, Facebook, Criteo and others, the agency said in their complaint.
GoodRx said in a statement the issue in the settlement was resolved three years ago before the agency began its probe.
“We do not agree with the FTC’s allegations and we admit no wrongdoing. Entering into the settlement allows us to avoid the time and expense of protracted litigation,” the company said in a statement.
The settlement is the first under the FTC’s Health Breach Notification Rule, the agency said.
Under the settlement, the company is also required to put limits on how long it keeps personal and health information, and to publicly post the retention schedule, the agency said.
Was this article valuable?
Here are more articles you may enjoy.
In Florida Court, Sackler Family Member Admits Felony Tied to Her Opioid Addiction 
Some College Finals Delayed After Canvas Online Platform Hacked 
Florida, Louisiana Insurer Safepoint Reveals 97% Revenue Surge in IPO filing 
Health Officials Downplay Pandemic Risk From Cruise Hantavirus Outbreak 
