GoodRx was recently found to be sharing information about its clients' medical needs with internet-based companies, including Facebook and Google. Prior to recent changes, businesses could receive the names of medications GoodRx users researched, along with information about the device owner.
GoodRx is a telemedicine platform where users can save money on prescription medicine. The site lets users compare the prices of thousands of pharmacies across the US and use coupons to reduce the cost. However, it has since come to light that the savings made through the service also have led to the sharing of customer data with third-party companies.
It was recently revealed through Consumer Reports that the company's app shared search information with third-party marking firms, allowing them to derive personal details about GoodRx users. In response, Thomas Goetz, GoodRx’s chief of research, said, “to reach new customers who might find GoodRx useful, we place advertisements for GoodRx on third-party platforms, including Facebook and Google, and retarget users who have visited GoodRx to encourage them to come back and use the service.” Following the report’s release, GoodRx also released a post on their blog, announcing that they would be taking steps to improve their user’s security. Moving forward, GoodRx will keep anything you type on its site from being shared with Facebook and has already inspected the data shared with Google to ensure that none of it is compromising. Users protected by the California Consumer Product Act will also be able to delete any data GoodRx has on them through the help section on their website.
The Latest Example Of Too Much Information
GoodRx and other websites track your online activity through internet cookies. Essentially, data is sent from the site to the user’s computer via the web browser, and the website uses that data to keep track of user activity. Most frequently, this is used to remember passwords, but it’s also how sites like Facebook market people with personalized advertisements. Many of these can be removed by clearing them through your browser’s delete history function, though cookies are often used in conjunction with onsite activity such as Facebook’s likes and online purchases. GoodRx doesn’t let people delete the data it store on them, stating in the privacy section of their website, “GoodRx does not sell personal medical data. We make money from advertisements on our site and referral fees. This revenue enables us to continue to make the best, free product to help Americans afford the prescriptions they need.” However, users should have power over their data, and while GoodRx promises to do better, it does very little to alert its users to the tracking. The moment people use the website, their data is in GoodRx’s system, and they have no say over its usage from then on.
If you qualify, you can delete data from GoodRx’s site through the Help section in the top right portion of the page, next to signup. There, you’ll be presented with an FAQ, and under privacy there’s a section that reads “Rights under CCPA” where you can submit a request for data deletion. Otherwise, GoodRx lets users opt-out of emails and messaging.
Source: ConsumerReports