BetterHelp Settles Health Data Privacy Violations

The Federal Trade Commission (FTC) has reported that it has reached a settlement with BetterHelp Inc., an online counseling service provider based in California, to resolve alleged FTC Act violations. The offered BetterHelp settlement necessitates paying $7.8 million to consumers as reimbursments as a result of deceitful trading tactics. This is the first FTC settlement to demand payment of refunds to consumers whose medical data was exposed.

FTC Repress Deceitful Privacy Practices by Online Healthcare Companies

This is the second FTC settlement reported last month. It is included in its present crackdown on deceitful trading practices by online healthcare companies The announcement was given only a couple of days after GoodRx paid $1.5 million to resolve its alleged violations of the FTC Act and Health Breach Notification Rule. These negotiations are meant to tell companies providing online health services that they should make sure to advise consumers regarding the use of their sensitive health data and that in case they say they keep health data private and confidential, then they should not disclose that data to third parties with no authorization or awareness of consumers.

Just as in the case of GoodRx, allegedly BetterHelp has disclosed sensitive consumer information with big marketing platforms like Facebook, Pinterest, Snapchat, and Criteo, in spite of its claim on its websites that sensitive health data remain private and won’t be shared.

FTC Investigates BetterHelp

BetterHelp offers mental health and counseling services on the internet. It operates under the name BetterHelp, BetterHelp Counseling, and other names that are targeted for specific markets, including Faithful Counseling for people of the Christian faith, Pride Counseling for members of the LGBTQ community, Teen Counseling for teenagers, and Terappeuta for Spanish-speaking clients. As per the FTC, BetterHelp notified users that their sensitive data would remain private and confidential and won’t be disclosed to third parties. Yet, in reality, the company was giving sensitive consumer data to marketing programs.

FTC’s Senior Attorney Lesley Fair talked about the BetterHelp settlement in a blog post. It mentioned the post on BetterHelp websites such as “Rest assured – any information provided in this questionnaire will stay private between you and your counselor.” But BetterHelp should state that it plans to share data with big advertising platforms, such as Snapchat, Facebook, Pinterest, and Criteo. The FTC stated that BetterHelp provided notifications guaranteeing privacy at different phases of the sign-up process, which entailed the disclosure of consumers’ sensitive health data. For example, they had to disclose if they have suffered from depression, had suicidal feelings, and details about any medicines they were consuming. According to their replies, consumers are matched up with a suitable counselor and spend $60 to $90 each week for counseling.

BetterHelp mentioned on its website that data would just be shared with other people for limited uses, for instance for giving counseling services. However, consumer information including IP addresses, email addresses, and health questionnaire details, was shared with third parties. The FTC additionally claimed that consumers that registered in the past and got therapy had their email addresses and the fact they got therapy earlier posted to Facebook. Those disclosures enabled about 5.6 million people to be targeted with advertisements for BetterHelp’s services. The FTC claimed that Criteo got the email addresses of 70,000 visitors for advertising reasons over a period of 6 months. The same disclosures were given to Pinterest over a period of one year. These disclosures made it possible for the company to bring in thousands of new clients and make millions of dollars in profits.

Besides making wrong statements concerning privacy, the majority of BetterHelp’s web pages contained several seals associated with privacy and security, such as a seal representing the medical caduceus and the name “HIPAA,” indicating the its practices complied with HIPAA requirements, which the FTC regarded as a misleading practice. The FTC additionally claimed that in 2020, BetterHelp had misinformed the public by contradicting news reports that it shared consumers’ personal and medical data. In its replies to the succeeding customer complaints, the FTC states BetterHelp increased its deceptiveness.

Under the stipulations of the settlement, aside from giving partial reimbursements to consumers, BetterHelp is prohibited from revealing consumers’ medical information for marketing reasons or using personal details for retargeted advertisements with no authorization. BetterHelp has additionally consented to inform consumers regarding the case directly and take action to make sure to delete consumer information received by any third party.

A judge has not yet approved the settlement and the system used to give partial reimbursements to consumers who paid BetterHelp for services from August 1, 2017 to December 31, 2020 is not yet decided.

Action on the BetterHelp FTC Settlement

Betterhelp states in response to FTC that it is seriously committed to protecting the privacy of members. The trust of people using its services is valuable. Hence, its technology, guidelines, and procedures are created to safeguard and secure its members’ data. Member data is not used or disclosed without the appropriate authorization and permission. BetterHelp and the FTC have arrived at a settlement regarding BetterHelp’s marketing tactics that were in place from 2017 to 2020. The FTC claimed the company used minimal, encrypted data to enhance the performance of its advertising campaign and send more appropriate advertisements and reach individuals who might be considering its services. BetterHelp additionally affirmed that it uses the industry-standard practice as is used by several of the biggest healthcare providers, healthcare brands, and health systems. However, the company is willing to settle this matter about consumer marketing with the FTC. This settlement, which does not represent any acceptance of wrongdoing, enables BetterHelp to keep on focusing on the mission of serving millions of people all over the world to get access to good quality treatment.

BetterHelp additionally confirmed that they had minimal disclosures for advertising functions, and emphasized that personal data including members’ names and data from therapy visits is always 100% private and confidential. The company also just got its HITRUST certification.

Criteo responded to the issue at hand stating that it has a verified record of making sure its technology keeps the best levels of data privacy and protection. Criteo additionally utilizes best practices and data security principles including data security, data minimization, collection limit, retention limit, and pseudonymization to make sure it follows the strictest regulatory and moral standards worldwide. Criteo is not a defendant in the complaint filed with the FTC. The FTC or any party has not yet contacted Criteo concerning the allegations stated in the FTC complaint.

About the Author

Elizabeth Hernandez
Elizabeth Hernandez is the editor of HIPAA News. Elizabeth is an experienced journalist who has worked in the healthcare sector for several years. Her expertise is not limited to general healthcare reporting but extends to specialized areas of healthcare compliance and HIPAA compliance. Elizabeth's knowledge in these areas has made her a reliable source for information on the complexities of healthcare regulations. Elizabeth's contribution to the field extends to helping readers understand the importance of patient privacy and secure handling of health information. Elizabeth holds a postgraduate degree in journalism. You can follow Elizabeth on twitter at