Kewa Jiang


With greater societal emphasis on the need for better mental health services coupled with COVID-19 limits, mental health mobile applications have significantly risen in variety, availability, and accessibility. As more consumers use mental health mobile applications, more data is generated and collected by mobile application companies. However, consumers may have the false assumption that the data collected is protected under HIPAA or have an expectation of privacy protection higher than current regulations afford. This Note examines HIPAA, Health Breach Notification Rule, and section 5 of the Federal Trade Commission Act, as well as how these regulations fall short of protecting the data and privacy of consumers who use mental health mobile apps. This Note then advocates for a preventative approach by Congress towards potential data breaches and protection of data from mental health mobile apps. Looking prospectively, the Note suggests how the gaps in consumer protection can be federally remedied.