On September 15, 2021, the FTC issued a policy statement affirming that health apps and connected
devices that collect or use consumers’ health information must comply with the Health Breach
Notification Rule, which requires that they notify consumers and others when their health data is
breached.
The Commission noted that health apps, which can track health data such as glucose levels, heart
health, fertility and sleep patterns, increasingly collect sensitive and personal data from consumers.
The FTC stated that these apps have a responsibility to ensure they secure the data they collect, which
includes preventing unauthorized access to such information.
To read the full statement, click here.
