The Health Breach Notification Rule set forth by the U.S. Federal Trade Commission in 2009 was not initially directed toward health apps used strictly for non-medical uses, but the FTC has indicated it will enforce the rule for developers of these non-medical apps as well. The risk is substantial for these developers as the civil penalties for breaches can reach $44,000 per violation per day, which in the case of a mass breach could present a profound financial risk.