FTC Orders Cerebral to Stop Using Personal Data for Advertising
FTC Orders Cerebral to Stop Using Personal Data for Advertising
The U.S. Federal Trade Commission (FTC) has taken strict action against the mental telehealth company Cerebral for major privacy violations. The company has been ordered to pay a fine of over $7 million and is prohibited from using or disclosing personal data for advertising purposes.
The FTC found that Cerebral, along with its former CEO Kyle Robertson, misled consumers about their privacy practices and failed to honor their cancellation policies. The agency stated that the company did not clearly disclose that users’ sensitive health information would be shared with third parties for advertising purposes. Additionally, Cerebral is accused of sharing users’ data with platforms like LinkedIn, Snapchat, and TikTok without proper consent.
The company’s deceptive practices included burying data sharing practices in dense privacy policies and allowing former employees access to sensitive medical records. They also sent promotional postcards to over 6,000 patients that revealed their diagnosis and treatment information.
As a result of the FTC’s enforcement action, Cerebral has been barred from disclosing personal and health information to third parties for marketing purposes. They are also required to implement a comprehensive privacy and data security program and inform users about the FTC order on their website. Monument, another health company, also faced similar enforcement actions from the FTC for disclosing health information to third-party platforms without user consent.
The FTC’s crackdown on companies like Cerebral and Monument highlights the importance of protecting users’ privacy and reinforcing regulatory compliance in the healthcare industry. It serves as a warning to other healthcare service providers to ensure proper data handling practices and respect user privacy.