Electronic Health Records (EHR, EMR)

FTC nails Practice Fusion with 20-year privacy practice order

Under the settlement, the EHR-vendor will be closely monitored by the FTC for compliance and liable for up to $40,000 in penalties for any violation.
By Jessica Davis
August 17, 2016
11:06 AM

On Tuesday, the U.S. Federal Trade Commission approved a final order with EHR vendor Practice Fusion that will consent to a 20-year privacy practice order, stemming from its highly-publicized privacy scandal.

The settlement was first announced in June, and after a 30-day comment period, the final order was unanimously approved, 3-0.

Practice Fusion was charged with soliciting reviews from patients and posting them online - without concealing personal identification information. According to the FTC, the patients in question were unaware their information would be disseminated online.

Precision medicine: Analytics, data science and EHRs in the new age

The FTC charged that although there was a privacy policy online, from 2012-2013 Practice Fusion didn’t warn patients their reviews would be publically available.

"Practice Fusion’s actions led consumers to share incredibly sensitive health information without realizing it would be made public," Jessica Rich, director of the FTC’s Bureau of Consumer Protection, said in a statement. "Companies that collect personal health information must be clear about how they will use it – especially before posting such information publicly on the Internet."

Under the final agreement, Practice Fusion is prohibited from misrepresenting the extent of its use of any patient information, including the data it makes publicly available and the vendor cannot post any personal identifiable information of its patients online without the explicit consent of the patient.

Further, Practice Fusion is prohibited from commercially exploiting or publicizing review information - which was the cornerstone of the scandal. The FTC will be allowed access to company records and use any means to make sure Practice Fusion remains compliant.

Practice fusion will be liable for civil penalties up to $40,000 per violation of the final order, according to FTC Secretary Donald S. Clark.

“As is the case with all Commission orders, Commission staff will closely monitor Practice Fusion’s conduct to determine whether any violations occur,” Clark continued in a statement. “In light of these considerations, the Commission has determined that the public interest would best be served by issuing the Decision and Order in the above-titled proceeding in final form without any modifications.”

The FTC’s order spans 20 years and, as such, terminates on August 15, 2036.

Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn

Topics: 
Cloud Computing, Electronic Health Records (EHR, EMR), Government & Policy

More regional news

UnitedHealth Group Optum building

Optum Virtual Care said to be closing down

By
Andrea Fox
April 26, 2024
Dr. Yinka Oyelese of Beth Israel Deaconess Medical Center on ultrasound AI

AI can make maternal ultrasonography more accessible, accurate and efficient

By
Bill Siwicki
April 26, 2024
John Halamka, president, Mayo Clinic Platform, and Arcadia president and CEO Michael Meucci with Kate Milliken

Prepare for success before deploying healthcare AI

April 26, 2024
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

Dr. Yinka Oyelese of Beth Israel Deaconess Medical Center on ultrasound AI
AI & ML Intelligence
AI can make maternal ultrasonography more accessible, accurate and efficient

Most Read

HIMSS24 Europe: Interoperability takes centre stage in Rome
How AI and FHIR can help reduce sepsis mortality rates
HSCC publishes 5-year healthcare cybersecurity strategic plan
Healthcare is the big victim of Blackcat's cyber counteroffensive
Latest AI deployments for precision medicine in APAC hospitals
Highmark works with Epic and Google to boost payer-provider data exchange

Research

White Papers

More Whitepapers

Compliance & Legal
Artificial Intelligence
Analytics

Webinars

More Webinars

Artificial Intelligence
Analytics
Analytics

Video

Adam McMullin at AvaSure_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Patient safety gets a boost from AI-powered virtual care
Sponsored by
John Halamka, president, Mayo Clinic Platform, and Arcadia president and CEO Michael Meucci with Kate Milliken
AI should augment, not replace, clinicians’ expertise
Jonathan Bush at Zus Health_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Independent patient data platform helps advance interoperability
Rachelle Landry at BD Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
How to help clinicians understand the value of digital health

More Stories

A radiologist examining X-ray images
National University Hospital launching AI-driven...
Heidi Wold at Longevity Health Plan_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
Patients benefit from post-acute care
Wes Cronkite of TruBridge on AI
Highlighting rural voices is imperative for equitable, bias-free healthcare AI
Dr. Bill Frist and Larry Ellison
Oracle launches Autonomous Shield initiative, with eye on cloud cybersecurity
Clinicians consult a tablet
Patch management advice for fixing IoT vulnerabilities
Dr. Jesse M. Ehrenfeld, AMA president_Palm trees and skyscrapers in Orlando Photo by Gabriele Maltinti/iStock/Getty Images Plus
AMA leader: Physicians must be the lodestar for IT innovation
Christine Antorini
Recognizing nursing as a calling: A key step toward enhancing workforce sustainability
One of Mercy Health's hospitals in Victoria
Role-based messaging's growing popularity in...