FTC Orders Cerebral, Inc. to Restrict Use of Sensitive Consumer Data and Provide Easy Cancellation Services

The Federal Trade Commission (FTC) has cracked down on telehealth firm, Cerebral, Inc., ordering the company to tighten its data security practices and provide consumers with an easier way to cancel services. The FTC charged Cerebral with failing to protect sensitive health data by disclosing consumers’ personal information to third parties for marketing purposes and misleading consumers about its cancellation policies.

Cerebral, which offers mental health services online, collected detailed personal data from users, including medical histories, payment information, and even information about their religious or political beliefs. The company allegedly shared this sensitive data with third parties like LinkedIn, Snapchat, and TikTok without obtaining proper consent from consumers.

In addition to its privacy violations, the FTC complaint accused Cerebral of engaging in deceptive practices related to substance abuse treatment services and violating the Restore Online Shoppers’ Confidence Act by making it difficult for consumers to cancel services.

To settle these charges, Cerebral has agreed to pay over $7 million in penalties and refunds to affected consumers. The company will also be required to implement a robust privacy and data security program, ban the sharing of consumer data with third parties for marketing purposes, and provide consumers with an easy way to cancel services.

Overall, the FTC’s crackdown on Cerebral serves as a warning to telehealth companies to prioritize data security and transparency with consumers. As telehealth services continue to grow in popularity, ensuring the protection of sensitive health information must be a top priority for companies in this industry.