On July 1, 2024, the amendments to the Health Breach Notification Rule (HBNR) went into effect. First promulgated in 2009, the HBNR applies to vendors of personal health records — entities that are not covered by the Health...more
7/3/2024
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Popular
As privacy laws continue to proliferate in the U.S. and globally, there is one trend that companies, especially those operating in the health and pharmaceutical sectors, can no longer overlook. This is the trend towards data...more
Overview -
On February 28, 2024, the Biden administration released an Executive Order that would restrict “countries of concern” from accessing Americans’ sensitive personal data, including “genomic data, biometric data,...more
The U.S. privacy landscape has changed rapidly over the past few years. But the most significant recent changes relate to “consumer health data” — health information about identified or identifiable consumers that falls...more
On June 30, 2023, the Superior Court of California, County of Sacramento, Judge James Arguelles presiding, issued an order prohibiting the California Privacy and Protection Agency (the Agency) from enforcing regulations...more
On August 24, 2022, California Attorney General Rob Bonta announced a settlement with Sephora for violations of the California Consumer Privacy Act (CCPA). The action places online consumer tracking, analytics and advertising...more
Yesterday, the FTC issued a policy statement announcing a new interpretation of the FTC’s 10-year-old “Personal Health Record Breach Notification Rule.” As the FTC acknowledges, this rule has never been enforced by the FTC....more
Last year’s European Court of Justice (ECJ) judgement in Data Protection Commissioner v Facebook Ireland LTD, Maximillian Schrems, C-311/18 (Schrems II) continues to have ramifications for cross border data transfers. The...more
In early June 2021, the European Commission adopted a new set of Standard Contractual Clauses for organizations to use to ensure compliance with the EU General Data Protection Regulation (GDPR) requirements for transfers of...more
Following on from this week’s big announcement by the European Data Protection Board (EDPB) on its expectations for international data transfers after the European Court of Justice’s July 16 Schrems II decision, the European...more
On November 11, 2020, the European Data Protection Board (EDPB) issued two much-anticipated guidance documents, outlining the approach it expects organizations to take when transferring data out of the EU. Although these...more
Why Do Clinical Trials?
Clinical trials are an important — and government-required — step on the way from an idea to a commercial medicinal product. All new pharmaceutical and biological products and most generic...more
On April 2, 2020, the Office for Civil Rights at the Department of Health and Human Services (OCR) announced that, effective immediately, they would exercise “enforcement discretion” regarding disclosures of COVID-19-related...more
The long anticipated amendments to the CCPA were passed by the California Legislature in early September and now await Governor Newsom’s signature. Some of the changes were “clean up” amendments to update cross references,...more
9/19/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Newsom ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete