In response to a recent Federal Trade Commission (FTC) complaint, as well as public scrutiny of Facebook privacy settings, the company announced new protections for users who discuss sensitive health topics in Facebook’s Groups forum.
An FTC complaint was filed in January and claimed that Facebook “deceptively solicited patients to use its ‘Groups’ product to share personal health information about their health issues,” Fierce Healthcare reported. According to the complaint, “Facebook has marketed this product as a Personal Health Record. Facebook then leaked to the public health data that those patients uploaded. At least in some cases, this was done contrary to the specific privacy decisions made by Facebook users.”
Among the changes announced by Facebook founder Mark Zuckerberg is that individuals will be able to pose questions in closed groups anonymously—an option that hasn’t been available previously. Additionally, Facebook will separate groups that are dedicated to health issues with a special “health support group” designation. In these groups, individuals will be able to post and ask questions through a designated administrator, Fierce reported.
Critics of the new policy argue that even with questions posed anonymously, a user’s health information is still accessible to advertisers and marketers in other ways—and while it’s not a HIPAA liability to providers and other stakeholders, they should be aware of other ways health data are being used, argues healthcare lawyer David Harlow, according to Fierce Healthcare.
“It’s not a HIPAA problem, it’s a data privacy problem. The FTC has a health data breach rule which may be applicable in these circumstances,” he told the publication. “It would be better to have a broader uniformed set of rules and regulations not specific to a type of data or type of platform that would be more protective of individuals.”