(Reuters) – Healthcare company GoodRx Holdings will pay $1.5 million to settle claims it failed to notify customers it shared personal health information with Alphabet’s Google, Meta’s Facebook and others. It agreed, the Federal Trade Commission said Wednesday.
Under the terms of the settlement, GoodRx is prohibited from sharing user health data with other companies for advertising purposes.
“Digital health companies and mobile apps should not make use of consumers’ highly sensitive and personally identifiable health information,” said Samuel Levine, director of the FTC’s Office of Consumer Protection, in a statement. .
With more than 55 million people using its website or app over the past six years, GoodRx is a platform that offers discounts on medicines while collecting health information from users and pharmacy benefits managers.
GoodRx promised users that it would never share health information with advertisers, but did provide information to Google, Facebook, Criteo and others, the agency said in its complaint.
GoodRx said in a statement that the settlement issue was resolved three years before the agency began its investigation.
“We do not agree with the FTC’s allegations and do not admit wrongdoing.
The settlement is the first under the FTC’s health violation notification rule, the FTC said.
Under the settlement, the company is also required to set limits on how long it retains personal and health information and to publish its retention schedule, the agency said.
