FTC set to crack down on health apps under breach notification rules

The Health Breach Notification Rule set forth by the U.S. Federal Trade Commission in 2009 was not initially directed toward health apps used strictly for non-medical uses, but the FTC has indicated it will enforce the rule for developers of these non-medical apps as well. The risk is substantial for these developers as the civil penalties for breaches can reach $44,000 per violation per day, which in the case of a mass breach could present a profound financial risk.