Federal regulators are reminding for-profit companies that if they collect and share consumer health information, they not only need to comply with HIPAA security and privacy regulations, but also the Federal Trade Commission Act.
The new guidance from the FTC and Department of Health and Human Services’ Office for Civil Rights comes in the wake of several enforcement actions that the FTC has taken against healthcare sector organizations in recent years for alleged privacy and security incidents that violate the FTC’s unfair or deceptive business practices regulations, including its ongoing case against LabMD.
