No Free Passes: FTC Highlights Health Privacy in Congressional Testimony
The Commission could be even more effective in deterring unfair and deceptive practices, she asserted, if Congress would pass legislation that would strengthen the Commission’s existing data security authority and expand the breach notification requirements to include a broader range of entities, such as health websites or online newsletters, which are not covered by current rules. In addition, Bureau Director Rich called for Congress to expand the FTC’s civil penalty authority, jurisdiction over non-profits, and rulemaking authority under the Administrative Procedures Act.
All in all, Bureau Director Rich’s testimony was consistent with the Commission’s approach of continually assessing new developments and emerging trends and threats in the privacy area and with the soon-departing Commissioner Brill’s remarks from February 2016 when she stated that “Neither new technologies nor small companies get a pass under the FTC Act. So, trying to ‘fly under the radar’ as a small company is not a strategy that I recommend.”
Tags: HIPAA