“startup” and “healthcare” should never be mixed. At least in the way we have been talking about “startups” for the last years. Silicon Valley butt out.
GoodRx is not covered under HIPAA. It’s the reason why it and companies like Postmeds exist, to skirt limitations on data collection and selling imposed by HIPAA. The fact that the data leaked is more of an issue for profitability of those companies than a privacy breach for Americans. The people who are using these services in a desperate attempt to access affordable healthcare have no legal expectation of privacy already.
🤖 I’m a bot that provides automatic summaries for articles:
Click here to see the summary
More than two million people across the United States will receive notice that their personal and sensitive health information was stolen earlier this year during a cyberattack at Postmeds, the parent company of online pharmacy startup Truepill.
Postmeds, through Truepill, has fulfilled prescriptions for customers of Folx, Hims, and GoodRx, and other popular online telehealth startups that have emerged in recent years.
Postmeds recently told federal regulators in a legally required notice that 2.3 million individuals had their personal information stolen in the breach.
“Like other healthcare companies, we send prescriptions to a wide range of pharmacies based on member choice, medication availability, cost, and other factors.
CostPlus, the lower-cost online pharmacy founded by Mark Cuban, which relies on Truepill for shipping medications to customers, did not respond to requests for comment.
As Consumer Reports notes, HIPAA “does lay out privacy rules for health care providers and insurance companies to follow when they handle personally identifiable medical data,” but the same piece of information protected at a doctor’s office “can be totally unregulated in other settings.”
Saved 88% of original text.
deleted by creator
