Skip to main content

Health and wellness websites and apps collect a lot of personal and sensitive health information about their users. And they might make promises about how they’ll use and protect that data. If companies don’t honor those promises, it can lead to a serious breach of trust — and a lawsuit from the Federal Trade Commission.

The FTC recently took action against Cerebral, Inc., an online mental health provider, and Monument, Inc., an online alcohol treatment service. The FTC alleges that they promised to keep customers’ personal information private, but instead shared it with third parties, for advertising purposes.

According to the FTC, Cerebral disclosed data that included sensitive health information about customers’ medical histories and prescriptions, and Monument disclosed information that revealed that users were getting help with alcohol addiction. Both companies are banned from sharing users’ health information for advertising.

Cerebral also will pay more than $5 million to be used for refunds for failing to honor its so-called easy cancellation policy.

Concerned about how websites and apps use your personal information? Here are some things to consider:

  1. Compare privacy protections. Compare the privacy protections of different websites and apps that offer similar services. Look for a privacy notice that explains in simple terms what health information they collect from you, and how they use and share your information. If the website or app shares your information, does it say why? Does it limit what others can do with it?
  2. Review website notices. If you visit a website and see a notice about how the website uses cookies, review the options. They may let you choose to allow only cookies that are necessary or to allow cookies for advertising and other purposes. Choose the option that best suits you.
  3. Customize the information you share. Your browser’s privacy settings let you customize the information websites collect about you. For example, you can choose to block your location or personalized advertising or block websites from seeing your browsing history. For details, see How Websites and Apps Collect and Use Your Information.

Finally, some states have laws that give you the right to tell a company to delete your data — see if your state is one of them.

Image
Search Terms
consumer privacy
Topics
Online Privacy and Security

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

Lance addison
April 15, 2024

Stop using mybinfo

Robert Ferguson
April 15, 2024

I have been hacked compromised for years from all of these websites social media etc.

Grace Schilke
April 15, 2024

I ordered food from Winn Dixie for delivery and the game my credit card number to the delivery agent, Instacart, who passed it on to a related company that charge me over $100 for nothing. First three deliveries were advertised to be free. California scammers at work

Bobbie
April 16, 2024

What I'm not happy about, and I get strange calls from people all over US wanting to buy my home, My home has never been listed with a real estate co, when I bought my home, it was straight from owner that has had it sine 1940s, I find my home listed on some real estate co, also googles, they have my address they advertise, and people know how to get your personal information from local court houses cause its public knowledge using the address. the picture of my home is also listed. come on, this is not safe now days, and is breaking privacy. somebody needs to get strictor about this, even some how they can also aquire your home deed and claim ownership.

Lisa Warren
April 16, 2024

Market place health signed me up for insurance when I already have a great insurance company now it's a mee

david beaulieu
April 16, 2024

Thank you for letting me know what is really going on.

Charmgirl
April 16, 2024

This is unbelievable! Seems like your information is not safe anywhere! You can trust no one but The LORD! It has no become a hobby to scam and deceive innocent people. Thank you for these alerts! We do not think the same as scammers do. One day , this will cease. Gaining control of our personal finances, and personal information.

Neverending
April 26, 2024

In reply to by Charmgirl

I agree ! It’s unbelievable , but it’s never going to end.
Have you ever given or thought you could give a W9 form ? How about KYC know your client? How about a OMB number or a substitute form ?

Know one thing and never give your information without knowing the information to file a police report.

The scam is that you believe an alert is an action to prevent. A report is believed to indicate that it is accountable for information that may result in enforcement. IRS has warnings on Form W9 is only issued by the IRS. PNC ignores because they know you can’t get a lawyer

Wonderwoman
April 16, 2024

What. Is the main purpose for cookies if not to collect data about you that they have no business knowing in the first place?

Nadelle Eastwell
April 16, 2024

Hi, over the last three weeks someone hacked my account through a third parties and were using my contents and imagines posted on malisous sites to make money of myself.

Joe Dias
April 17, 2024

Thank you FTC for shining a light on this insidious problem affecting all of us. I believe in free markets and at the same time ask why the Federal Govt. not prescribe/mandate minimum standards to protect our privacy rights? Each state could still take additional steps if so desired.

The rapidly developing technology combined with confusing legal "double speak" makes it too difficult for most people to understand when their interests are being compromised.

We consumers need to get with our local and congressional representatives but at the same time I hope the FTC leverages their considerable position to have the Federal government set minimum privacy standards.

Garush
April 17, 2024

All the companies do this, pharmacy, insurance,..... They will not let you opt out. Info goes to all their subsidiaries, and related companies they do business with. I get calls from CVS, Aetna, Atlantic health care trying to sell diabetic items. I am not a diabetic but had a higher than normal sugar blood fasting reading........... My home owners insurance provider was bought over by a big foreign company that I do not like so they have all the info on me. Now my info is owned by unregulated countries and any hackers that hack them...

Garush
April 17, 2024

Somehow my os. firefox and duckduck have a pop up to block my location and if I check no cookies the site may still activate. Think I am set up to delete all cookies except the ones I choose to keep. It helps a bit if you can set up your computer for more privacy and use safer programs. That is where [esp the seniors] we need so education if we have to use the computer. The doctors want us to register online. Not that these programs work if you choose not to respond to some items.

Carlos Morcate
April 17, 2024

No doubt many others are doing the same.

Stacie Irene M…
April 18, 2024

Who let the internet available and accessible to the people and all the people without safety and surveillance to begin with? Should of not been able to have the internet. Worpse humans minds. Traumatic events for myself, I suffer still to this day. We all do! Who is accountable for the world wide web leakage of bad data and cites that should not been accessible...

G.
April 19, 2024

I only realized in the last 2 years that the FTC has NO access or email for US citizens to ask for assistance from them on banking services. Just like all other US departments in the last 2 decades. Doesn't have anything TO DO WITH THE PRESIDENTS. Congress was established to " keep the departments honest, EFFECTIVE, and operational. All are virtually on cruise control, except to pick up their government checks. smh

Return to top