Australian e-health company fined for sharing patient data without consent

According to ZDNet, HealthEngine, an Australian e-health company, has been ordered to pay AU$2.9 million in penalties, after having shared patient data without consent and skewed its reviews. The Australian Federal Court found the company engaged in misleading conduct in relation to sharing personal information of patients. HealthEngine admitted that between 2014 and 2018 it sold personal information such as names, dates of birth, phone numbers, and e-mail addresses of over 135 000 patients to third party private health insurance brokers without providing adequate disclosure to consumers.