GoodRx Fined, Ordered to Stop Data Sharing


GoodRX app| Image by Tada Images/Shutterstock

The Federal Trade Commission (FTC) has announced a first-of-its-kind enforcement action against a major healthcare company.

The company, GoodRX, has agreed to a settlement with the FTC, resulting in the United States Department of Justice filing a complaint seeking a permanent injunction and penalties against GoodRx, as part of that settlement agreement.

This is the first time the FTC has taken such action under its Health Breach Notification Rule.

GoodRx is an American healthcare company operating on a telemedicine format. This company is one of many dedicated to alleviating the national epidemic of obesity, one of the largest health problems facing the nation.

GoodRx allegedly shared personal healthcare information about customers with online advertisement entities like Facebook, Google, and other companies without notifying its patrons.

“Digital health companies and mobile apps should not cash in on consumers’ extremely sensitive and personally identifiable health information,” said Samuel Levine, director of the FTC’s Bureau of Consumer Protection, according to a statement by the FTC. “The FTC is serving notice that it will use all of its legal authority to protect American consumers’ sensitive data from misuse and illegal exploitation,” he continued.

GoodRx will pay a $1.5 million civil penalty for violating the rule. The company has agreed to do so, but the order must be approved by a federal court before going into effect.

In addition to this fine, the order would also permanently ban GoodRx from disclosing health data to advertisers and require the company to have a patron’s consent before disclosing data for any reason.

In a statement, GoodRx said, “The FTC focuses on an old issue that was proactively addressed almost three years ago, before the FTC inquiry began. We do not agree with the FTC’s allegations and we admit no wrongdoing. Entering into the settlement allows us to avoid the time and expense of protracted litigation.”

The company further said, “We believe that the requirements detailed in the settlement will have no material impact on our business or on our current or future operations. In fact, almost three years ago, before the FTC reached out to us, we proactively made updates consistent with our commitment to being at the forefront of safeguarding users’ privacy.”

If you enjoyed this article, please support us today!

Formed in 2021, we provide fact-based, non-partisan news. The Dallas Express is a non-profit organization funded by charitable support and advertising.

Please join us on the important journey to make Dallas a better place!

We welcome and appreciate comments on The Dallas Express as part of a healthy dialogue. We do ask that you be kind. Kind to each other and to everyone else in your comments. For more information, please refer to our Complete Comment Moderation Policy.

Subscribe to Comments
Notify of

Inline Feedbacks
View all comments