LabMD, an Atlanta-based cancer-screening laboratory, has slapped the Federal Trade Commission with a lawsuit seeking to stop what the company calls an "abuse of power and regulation" of patient information without proper authority. Only the Department of Health and Human Services can enforce patient privacy laws, LabMD contends.
In August 2013, the FTC filed a complaint against LabMD, alleging the medical testing laboratory exposed roughly 10,000 consumers' personal information including names, social security numbers, dates of birth, insurance provider information and standardized medical treatment codes, Becker's Hospital Review notes.
The lawsuit, filed March 20, alleges the FTC "does not have the power to broadly regulate data security and that Congress delegated the authority to regulate protected health information to the HHS."
LabMD seeks a declaration that the FTC lacks jurisdiction specifically under Section 5 of the Federal Trade Commission Act to regulate personal health information (PHI) data-security practices. Article