‘Ill-gotten gains’: FTC commissioner says GoodRx’s $1.5 million fine for health data leaks should have been higher

On Wednesday, the Federal Trade Commission made history by enforcing, for the first time, its power to go after companies that don’t notify consumers about health data breaches. The agency said it will fine GoodRx $1.5 million for sharing its users’ private health information with data brokers and advertising platforms such as Facebook and Google.

To one of the commissioners, though, that’s chump change.

“I am confident that a sizable percentage of consumers would have foregone the benefits of using GoodRx’s coupons and other services had they known about the company’s sieve-like data practices, an indicator that the company’s ill-gotten gains almost certainly constitute a large multiple of the $1.5 million civil penalty,”  FTC Commissioner Christine Wilson wrote in a statement that concurred with the FTC’s decision, but took aim at its handling of the health data breach.

STAT+ Exclusive Story

Already have an account? Log in

This article is exclusive to STAT+ subscribers

Unlock this article — and get additional analysis of the technologies disrupting health care — by subscribing to STAT+.

Already have an account? Log in

Already have an account? Log in

Individual plans

Group plans

Monthly

$39

Totals $468 per year

$39/month Get Started

Totals $468 per year

Starter

$30

for 3 months, then $39/month

$30 for 3 months Get Started

Then $39/month

Annual

$399

Save 15%

$399/year Get Started

Save 15%

11+ Users

Custom

Savings start at 25%!

Request A Quote Request A Quote

Savings start at 25%!

2-10 Users

$300

Annually per user

$300/year Get Started

$300 Annually per user

View All Plans

Get unlimited access to award-winning journalism and exclusive events.

Subscribe

Log In