On May 17, 2024, Colorado Governor Jared Polis signed into law SB 24-205—concerning consumer protections in interactions with artificial intelligence systems—after the Senate passed the bill on May 3, and the House of...more
5/20/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Colorado ,
Employer Liability Issues ,
Innovative Technology ,
Machine Learning ,
New Legislation ,
Popular ,
Regulatory Reform ,
Regulatory Requirements
On May 17, 2024, Colorado Governor Jared Polis signed into law SB 24-205—concerning consumer protections in interactions with artificial intelligence systems—after the Senate passed the bill on May 3. The law adds a new part...more
5/20/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Colorado ,
Innovative Technology ,
Machine Learning ,
Non-Discrimination Rules ,
Pending Legislation ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management
New York Governor, Kathy Hochul, recently announced proposed cybersecurity rules for New York hospitals, which are due to be imminently published in the State Register on December 6, 2023, subject to approval by the Public...more
11/30/2023
/ Cybersecurity ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Healthcare ,
New York ,
Patient Privacy Rights ,
PHI ,
Popular ,
Proposed Rules ,
Regulatory Agenda ,
Regulatory Reform
On June 16, 2023, Nevada enacted Senate Bill 370 (“SB 370”), which imposes broad restrictions on the collection, use, and sale of consumer health data. This law is set to go into effect on March 31, 2024....more
A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly...more
6/29/2023
/ Amazon Web Services (AWS) ,
Clinical Laboratory Testing ,
Consumer Privacy Rights ,
Data Management ,
Data Privacy ,
DNA ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Genetic Materials ,
Genetic Testing ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Human Genes ,
Life Sciences ,
Popular ,
Privacy Policy
As reported in a June 3, 2022 press release from the House Committee on Energy and Commerce, U.S. Representatives Frank Pallone, Cathy McMorris Rodgers, and Senator Roger Wicker released a “discussion draft” of a federal data...more
Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an...more
Connecticut becomes the fifth state to pass a comprehensive privacy law. Are you prepared for state privacy law compliance required in 2023?...more
Artificial intelligence (AI) and machine-learning algorithms are powerful tools that can automate or inform decision-making. At the same time, those algorithms can be quite complex and appear to be a “black box”—inscrutable...more
Recent data thefts and systems intrusions, particularly with respect to ransomware, have assured that cybersecurity is top of mind for corporate executives and compliance officials. We at EBG have tried to keep you up to date...more
The Federal Trade Commission (“FTC”) recently issued guidance clarifying protections applicable to consumers’ sensitive personal data increasingly collected by so-called “health apps.” The FTC press release indicated it has...more
Ransomware Particularly Inflicts Health Care and Life Sciences Organizations -
Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more
6/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
FBI ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
Malware ,
Medical Records ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management
After a Congressional override of a Presidential veto, the National Defense Authorization Act became law on January 1, 2021 (NDAA). Notably, the NDAA not only provides appropriations for military and defense purposes but,...more
Ransomware is a serious form of cyber extortion that employs malware to prevent users from accessing their systems or data, either by locking the system or encrypting critical files until a ransom is paid. The hacker holds...more
Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), the agency enforcing the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach...more
10/19/2020
/ Breach Notification Rule ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
NIST ,
OCR ,
Popular