San Francisco-based genetic testing firm 1Health.io, which was previously Vitagene, has agreed to pay $75,000 to resolve the Federal Trade Commission's allegations that it violated customer data privacy, reports The Record, a news site by cybersecurity firm Recorded Future.
Aside from allegedly implementing inadequate security for collected health and genetic data, 1Health.io has also been accused of changing its privacy policy without customer consent, as well as deceiving customers regarding its data deletion policies, said the FTC.
In addition to paying the fine, which would be allocated toward refunding the firm's customers,1Health.io has also been mandated to ensure that all consumer DNA samples stored in excess of 180 days are destroyed by its third-party laboratories, as well as halt the sharing of health data provided before or after it overhauled its privacy policy in 2020.
The FTC has also ordered the genetic testing company to provide alerts to the agency regarding any incident involving health data sharing without customer consent.