What You Should Know:
– The Department of Justice (DOJ), in conjunction with the Federal Trade Commission (FTC), announced a settlement with Cerebral Inc., a telehealth company, resolving allegations of data privacy violations, deceptive practices, and misleading cancellation procedures.
– The government, however, is continuing its case against Cerebral’s former CEO and other executives, along with separate telehealth companies founded by the former CEO.
Cerebral Settles Charges, Agrees to Reforms
Cerebral has agreed to a settlement order that requires the company to:
- Stop Misusing and Disclosing Patient Information: Cerebral must cease unauthorized collection and sharing of patient data with third parties for advertising purposes.
- Improve Data Security and Privacy Practices: The company is required to implement stricter data security measures to safeguard sensitive patient information.
- Provide Clear and Fair Cancellation Procedures: Cerebral must offer a simple and accessible process for users to cancel subscriptions and avoid unwanted recurring charges.
The settlement includes a $5 million consumer redress payment and a $10 million civil penalty, with $8 million suspended due to Cerebral’s limited ability to pay.
Government Continues Case Against Former Executives and Other Companies
The DOJ is continuing its pursuit of legal action against:
- Cerebral’s Former CEO, Kyle Robertson, and Former Executive, Alex Martelli: The government alleges these individuals directed deceptive practices and data security breaches at Cerebral.
- Telehealth Companies Founded by Former CEO: The complaint targets Zealthy Inc. (now Gronk Inc.), Bruno Health P.A., and their executive, German Echeverry. These entities are accused of similar violations related to data privacy, billing practices, and cancellation procedures.
Allegations Against Cerebral and Former Executives
The amended complaint details a series of alleged violations by Cerebral and its former leadership:
- Misuse of Patient Data: Cerebral is accused of deploying online tracking tools that collected and transmitted user data to third parties without informed consent, contradicting the company’s claims of privacy and data security.
- Chronic Data Security Breaches: Despite assurances of secure services, Cerebral’s deficient practices allegedly led to repeated unauthorized disclosures of user information.
- Fake Online Reviews: The complaint alleges Cerebral, under the direction of former CEO Robertson, orchestrated the creation of fake positive reviews and suppression of negative reviews on online platforms.
- Deceptive Billing and Cancellation Practices: Cerebral is accused of failing to clearly disclose billing terms and making it difficult for users to cancel subscriptions, leading to millions of dollars in charges for unwanted services.
The DOJ and FTC emphasized their commitment to protecting consumers in the growing telehealth industry. This case sends a message that telehealth companies must prioritize data privacy, security, and fair business practices.
“Consumers deserve to trust that their sensitive health information is handled responsibly,” said Principal Deputy Assistant Attorney General Brian M. Boynton. “We will continue to hold companies and executives accountable for violations of the law and ensure telehealth companies operate with integrity.”