The Federal Trade Commission has overstepped its authority in prosecuting cybersecurity cases and is taking a punitive stance rather than working with the healthcare industry to increase security for everyone, Mike Daugherty, president and CEO of LabMD, says in an interview at Healthcare Info Security.
The FTC's case against the Atlanta-based cancer-screening service LabMD was dismissed last November after an administrative law judge ruled that the agency failed to demonstrate consumers were harmed by two incidents in 2008 which LabMD is accused of mishandling the information of roughly 10,000 patients.
Daugherty portrays the FTC as "self-appointed cybersecurity cop" that is "off its leash and there's no way to pull them back."
The only way for companies to fight back is to go to court, which means a multimillion-dollar protracted "war" involving character assassination and fighting it out in the press, he said, adding that LabMD had no choice because the company's reputation would be ruined either way.
The problem is that regulatory agencies are not experts in the area they're regulating, he says. It also creates a quagmire when companies that do have industry information are required to turn it over to the government.
He says other federal agencies are trying to work with industry to have a more proactive discussion about cybersecurity.
"When Anthem gets nailed, it helps the FBI to work with that organization to find out what happened to keep it from happening to anyone else," he told the publication. "If you lose communication with that organization, everyone loses in the future."
To learn more:
- read the interview