Imagine taking the incredibly strong first step of acknowledging you’re struggling with your mental health. You browse the internet for accessible resources and find glowing reviews (and a LOT of promotions) about BetterHelp. You sign up under the guise that anything you reveal will be confidential. And then for the next few months, you’re bombarded with mental health-related ads on every platform you use. Hmm… strange.

But not strange at all, actually. Because, as the FTC claims, BetterHelp intentionally broke its promise to consumers. According to a settlement agreement reached in March of this year, the FTC says the mental health platform used a variety of schemes to share the health information of over 7 million consumers to advertise on Facebook, Snapchat, Criteo, and Pinterest. 

When signing up, BetterHelp did relay to customers that general information would be collected. Their reasoning, however, was not exactly truthful. Consumers were told “general and anonymous background information about you and the issues you’d like to deal with in online therapy” would be collected so each person would be matched “with the most suitable therapist.” They also promised anyone thinking about signing up for Faithful Counseling, Pride Counseling, or Teen Counseling that their email addresses would be “kept strictly private” and “never shared, sold or disclosed to anyone.” 

Allegedly, BetterHelp uploaded the email addresses of 2 million all current and former clients to Facebook to ambush them with targeted ads. Shockingly, the company also allegedly shared the IP and email addresses of 5.6 million former visitors to target them with BetterHelp ads. They also disclosed email addresses to Criteo and Pinterest. 

Rightfully so, customers were astonished and appalled. Many expressed feelings of being violated – recognizing that mental health therapy is an extremely private topic that many people do not want to share. 

Not only did BetterHelp betray their customers – they also violated the law. Health information is some of the most confidential and highly protected data. The FTC charged that BetterHelp engaged in deceptive and unfair business practices – based on the claims made that assured clients’ information would be kept private and used for specific reasons, and based on the fact that the company itself encouraged clients to divulge this information. 

The FTC also found BetterHelp shared information with third parties and failed to limit such third parties’ use of the information. On top of that, the FTC argues BetterHelp’s website employed a deceptive HIPAA seal.

$7.8 million partial refunds later, BetterHelp is sent a major message about just how seriously the FTC takes privacy matters. As social media and online communications become a vital part of everyday life – businesses must establish strict privacy and data policies and procedures. Just doing enough is no longer enough. Leadership needs to develop strict, clear guidelines regarding privacy and data protection – especially when sensitive information is shared. And not only do rules need to be in place, but they must be followed. Thorough oversight and management are key to ensuring things run smoothly. 

Being a socially responsible corporation is more than just having a message that resonates with consumers. It’s about practicing what you preach. The public needs to be able to trust you with their information so that they feel empowered and encouraged to form a relationship with you.