Speaking in Washington on Wednesday, Federal Trade Commissioner Julie Brill voiced her concerns about potential risks to consumer health data from data brokers who are collecting and sharing sensitive information with third parties.

According to Brill, the Health Insurance Portability and Accountability Act of 1996 was enacted at a time “when it made sense to think about doctors, insurance companies and hospitals, who were covered by HIPAA and then their business entities. But, now what you have is data that’s flowing massively everywhere and it doesn’t really understand the silos that were created by these laws.”

FTC conducted a study of data brokers who obtain and share vast amounts of consumer information, typically behind the scenes, without consumer knowledge. What the commission discovered was that these data brokers collect and store billions of data elements covering nearly every U.S. consumer from which they build profiles on consumers.

“Some of those profiles are quite benign but some of them have quite sensitive information in them, not only with respect to the health conditions the consumers may have but also with respect to their race and financial status,” said Brill. “These profiles are sometimes used for marketing--which some people consider to be relatively benign--but sometimes these profiles might be used for more important decisions about consumers. For instance, are they a trustworthy customer? Should a company do business with that consumer?”

In May, FTC revealed that some of the most popular mobile health and fitness apps are sharing consumer data with third-party companies and putting potentially sensitive information at risk. The commission tested 12 apps and found that this kind of information was sent to 76 third-party companies. FTC is urging Congress to protect sensitive health information by requiring that consumer-facing sources obtain consumers’ affirmative express consent before they collect sensitive information.

“The law is on some level always going to lag behind technology. Technology is moving at lightning speed,” said Brill. “Our job at the commission is to try to instill in the app community, developer community--with respect to platforms and any new technological system--that there are fundamental consumer protection rules that need to apply and they need to be thinking about those.”

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access