On Jan. 3, the company said that some personal user data was disclosed to certain third-party contractors and companies “without having obtained HIPAA-required assurances.”
LegalScoops reported the practice started in 2019.
Cerebral did not state how many patients were affected, but said it has removed the pixel tracking technology from its applications.
A spokesperson for the company told Becker’s, “We immediately took action to change our data transmission practices and bring them in line with our commitment to patient privacy. Guided by core principles of transparency and respect for our clients’ information, we are committed to correcting historical errors and leading the industry in privacy standards moving forward.”
