On January 6, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published significant proposed amendments (proposed rule) to the Security Rule under the Health Insurance Portability and...more
1/7/2025
/ Covered Entities ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
HIPAA Security Rule ,
OCR ,
Patient Privacy Rights ,
PHI ,
Proposed Rules ,
Regulatory Agenda ,
Rulemaking Process
Join Troutman Pepper Partner Brett Mason for a podcast series analyzing the intersection of artificial intelligence (AI), health care, and the law.
In this installment, Brett Mason is joined by Partner Brent Hoard and...more
On April 27, the state of Washington enacted the My Health My Data Act (MHMDA), a comprehensive health privacy law that imposes broad restrictions on how “consumer health data” can be used by companies doing business in the...more
Recently, the Iowa Legislature sent a bill to Iowa Governor Kim Reynolds for her signature that would make Iowa the sixth state to enact a comprehensive privacy law. The Iowa Senate unanimously passed Senate File 262 (SF 262)...more
Exemption Extensions Failed. On August 31, California's legislature ended its 2022 session without adopting legislation to extend the California Consumer Privacy Act (CCPA) employee and business-to-business (B2B) personal...more
With the notice and cure set to expire on January 1, 2023, California Attorney General Rob Bonta (CA AG) provided a glimpse at what to expect with its first settlement of alleged violations of the California Consumer Privacy...more
9/1/2022
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Information ,
Privacy Laws ,
Sephora ,
Statutory Violations
Background on the PIPL Security Assessment. On July 7, China’s top regulator, the Cyberspace Administration of China (CAC), released the final version of the Measures for Security Assessment of Data Exports (Security...more
The California Privacy Rights Act (CPRA) established the California Privacy Protection Agency (CPPA), and requires the CPPA to adopt, amend, and rescind regulations on 22 topics — including, among other things, definitions,...more