Partner Laura Riposo VanDruff was quoted in a recent DigiDay article discussing the FTC’s new approach in applying the Health Breach Notification Rule to govern the privacy and security of data in fitness apps and other technology used to monitor health. Although no companies have yet been charged under the rule, the FTC’s goal is to better align enforcement with how health data is handled.

VanDruff, who recently served as assistant director in the FTC’s Division of Privacy and Identity Protection inside its Consumer Protection Bureau, calls the plan to apply the existing health breach notification rule to health apps a “significant expansion” of the original interpretation. “I’m not sure that the FTC has identified where the guardrails are, the policy statement raises so many questions for companies that provide health and wellness and fitness services, and the statement doesn’t answer those questions about what companies can do.”

Read the full article here.

Kelley Drye’s Laura Riposo VanDruff Featured in DigiDay Article on FTC and Mobile Health Apps