Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker.
Adding to the growing number of recent FTC investigations about data being shared by telehealth platforms for profit, Cerebral reportedly notified 3.1 million users that their protected health information was shared with tech companies like Meta, Google, and TikTok. This admission by the Cerebral telehealth company is noteworthy because of the substantial valuation and size, the number of patients served, the number of clinicians employed, and the breadth of services offered through the Cerebral telehealth website and Cerebral app.
The company states, “Cerebral is a mental health subscription that provides clients with ongoing, comprehensive access to online care and medication management for a monthly rate. Conditions that Cerebral treats include: anxiety, depression, insomnia, postpartum depression, menopausal depression, ADHD (in certain states), trauma and PTSD, bipolar disorder (in certain states), and alcohol dependence (in certain states). Additionally, we can help with: relationship issues and divorce, stress management, anger management, LGBTQI+, grief and loss, traumatic life events, confidence and self-esteem, phobias, coping with illnesses.”
OCR’s Allegation of Cerebral Telehealth
The Office for Civil Rights, the US Health and Human Services department in charge of investigating and sanctioning HIPAA violations, has posted the results of their current investigation of Cerebral. Cerebral was obligated to contact their customers to report the data breach and the types of data involved. MedCityNews provides a download to Cerebral’s March 9 admission letter sent to users, explaining how and which patient information was shared.
Consumers reportedly were misinformed about who will see their data, including demographics, self-report symptom checklists, and more. Although most companies ask visitors to check a box regarding which types of information will be shared, it is reasonable…