MDLive has been hit with a class-action lawsuit accusing the telehealth provider of violating patients' privacy rights.
The lawsuit, filed Tuesday in a Florida federal court, alleged MDLive shared detailed patient health information with a third-party tech company without the patients' consent. The tech company, Israel-based Test Fairy, uses health information to fix bugs with MDLive's mobile app and to test users' experience.
The suit claims the company takes an average of 60 screenshots for the first 15 minutes patients use the app and then sends those images to Test Fairy. Patients' initial interactions with the app include filling out personal health information like behavioral health conditions and medications.
Users are led to believe that health information logged into the MDLive app will only be made available to physicians, the suit said.
The lawsuit also alleged that MDLive grants its developers and designers access to patients' medical history without their knowledge. "MDLive fails to adequately restrict access to patients' medical information and instead grants unnecessary and broad permissions to its employees, agents and third parties," the complaint said.
MDLive did not respond to a request for comment on Wednesday.
Plaintiff Joan Richards, a user of MDLive's app and Utah resident, seeks $5 million in damages.
MDLive, founded in 2009, is a privately held company and its financial data is not available. It received $23.6 million from investors in 2015.
Telehealth adoption has raised patient privacy concerns in the past. The American Medical Association has issued guidelines to help physicians understand how to ethically use the services.