Marian Lemont
As mobile mental health apps gain popularity as an emotional support alternative, privacy concerns regarding how consumers’ sensitive health data is handled are at an all-time high. Current federal privacy provisions provide insufficient consumer protection and thus render consumers’ sensitive information vulnerable to unwanted third-party sharing practices. The recently passed California Privacy Rights Act of 2020 (CPRA) includes new provisions governing businesses’ handling and deletion of sensitive user data. This article discusses how these new CPRA provisions provide a helpful framework to begin addressing this regulatory gap and identifies ways future privacy legislation can continue to strengthen mobile mental health app users’ privacy protections.