Business Strategy
Channel Insights
Stay Connected
Acer America
Acer America Corp. is a computer manufacturer of business and consumer PCs, notebooks, ultrabooks, projectors, servers, and storage products.


333 West San Carlos Street
San Jose, California 95110
United States


ChannelPro Network Awards

hello 2
hello 3

News & Articles

December 22, 2020 |

FTC Charges Company Displaying HIPAA Seal with Consumer Fraud

Don’t make the same “stupid marketing mistake.”

You may have heard me speak or write about the risk of businesses using phony HIPAA compliance seals in their marketing. My warnings were based on a conversation I had with a Federal Trade Commission (FTC) attorney when we were both speaking at the National HIPAA Summit. She told me if a company has a breach or a compliance violation while displaying a seal, the FTC would consider it consumer fraud.

The FTC announced exactly that on December 16 in a settlement with SkyMed, a company that offers transportation services to travelers if they become seriously ill or are injured while away from home. According to the FTC complaint, SkyMed had a “HIPAA compliance shield” all over its website when a security researcher notified the company about an unsecure database with approximately 130,000 membership records that may have been breached. The FTC found that displaying the seal was an unfair business practice under Section 5 of the FTC Act that protects consumers. While the FTC did not issue a fine, it put SkyMed on a 20-year monitored compliance program that will be very expensive.

According to Healthcare Info Security, “The consent order also prohibits SkyMed from making misrepresentations including about how the company protects the privacy, security, availability, confidentiality or integrity of any personal information, as well as its participation ‘in any privacy or security program sponsored by a government or any third party, including any self-regulatory or standard setting organization.’ In other words, never use a seal, even if it comes from a third-party.

The article quotes regulatory attorney Paul Hales of the law firm Hales Law Group, who is not involved in the SkyMed case. He calls the company’s use of a HIPAA compliance seal on its website “a stupid marketing mistake.”

I once asked the head of a company how he could offer a HIPAA compliance seal based just on some questionnaires and discussions. I told him that even the federal government does not certify compliance. He answered, “If you read the fine print, you will see that it doesn’t mean they are compliant.” I replied that I was reading the big print that said their HIPAA compliance was verified.

Don’t make the same mistake. Remove any HIPAA compliance seals from your website. If you are reselling any HIPAA services to clients that are displaying a seal of compliance, tell them to remove the seal immediately. If a client has a breach or compliance violation, they may sue you for your role in providing them with the seal, which may not be covered by your Errors and Omissions insurance because of the deceptive business practice exclusion.

Editor’s Choice

Introducing ChannelPro’s Top 20 MSPs for 2024

June 18, 2024 |

These companies lead the way in building up the IT channel, as well as ensuring that their clients run thriving businesses.

Usage-Based Pricing: Pia Introduces New Model for aiDesk in Exclusive Interview

June 11, 2024 |

Pia adds a usage-based pricing option for cost control and flexibility while retaining its unlimited fixed price model.

Midwest MSPs Treated to Personal Stories, Compelling Demos, and More at ChannelPro LIVE: Columbus Show

June 7, 2024 |

Ohio technology professionals joined ChannelPro to share business best practices at the area’s first-of-its-kind event.

AI-as-a-Service Takes Shape for 3 MSPs

June 4, 2024 |

AvTek Solutions, LAN Infotech, and PCH Technologies share how they are working with the new AI-as-a-Service platform in their day-to-day business.

Related News & Articles

Growing the MSP

Explore ChannelPro


Reach Our Audience