State AG Pulse | CT AG Reacts to Genetic Data Breach
Modern warfare is no longer restricted to physical battlefields and professional military. Countries like North Korea and Russia have few qualms about using cyberspace to reach well beyond their physical borders to target...more
“Cybersecurity” has emerged as one of top risks facing organizations. Considering the steady stream of massive data breaches affecting millions (sometimes billions), the debilitating effects of ransomware on an organization’s...more
Employers are facing new potential legal risks under the federal Genetic Information Nondiscrimination Act of 2008 (GINA) and the Illinois Genetic Information Privacy Act (GIPA) over inquiries in routine employment physicals...more
Enacted in 1998, Illinois’ Genetic Information Privacy Act (GIPA) governs the confidentiality and use of genetic testing and genetic information by employers and insurers. The statute was designed to prevent employers and...more
The California Privacy Protection Agency (CPPA) released initial draft regulations for cybersecurity audits (which have since been amended) and risk assessments late this summer. The agency’s board of directors addressed the...more
Most employers operating in Illinois are (or should be) aware of Illinois' stringent Biometric Information Protection Act (BIPA). As we have written about previously, BIPA’s requirements are exacting, and BIPA plaintiffs do...more
Illinois employers are likely still reeling from the thousands of biometric privacy class action lawsuits that have flooded court dockets over the last 5 years. Another wave is coming—this time, under the Illinois Genetic...more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more
A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly...more
Here are curated AG and federal regulatory news stories highlighting key areas in which state and federal regulators’ decisions are having an impact across the US: •It’s No Batman, but California Teams up to Stop Organized...more
Since the privacy and security regulations were issued under the federal Health Insurance Portability and Accountability Act (HIPAA), critics pointed to the limitations on the reach of those rules. A critical limitation...more
States continue to enact laws targeting the protection of genetic data with two important developments in California and Florida. California’s Genetic Information Privacy Act (“GIPA”), which came into effect on January 1,...more
On October 6, 2021, California Governor Gavin Newsom signed into law the Genetic Information Privacy Act (GIPA). This follows Governor Newsom’s veto of an earlier version of the bill almost exactly one year ago. ...more
When it comes to the privacy of health information, California belongs to the select group of states that have implemented broad consumer privacy protections above and beyond those provided by the federal Health Insurance...more
Utah recently signed into law SB 227, creating the Genetic Information Privacy Act (GIPA). The law, which is anticipated to go into effect in May 2021, is aimed at protecting genetic data collected from direct-to-consumer...more
Enacted in 2008, the Illinois Biometric Information Privacy Act, 740 ILCS 14 et seq. (the “BIPA”), went largely unnoticed until a few years ago when a handful of cases sparked a flood of class action litigation over the...more
Governor Gavin Newsom of California vetoed a bill that would have created new limitations on data sharing for direct-to-consumer genetic testing companies. The Genetic Information Privacy Act (GIPA) asked testing companies...more
Last week the California legislature passed an important first step in protecting the American public from itself. The Genetic Information Privacy Act (GIPA) helps fill a gap in U.S. healthcare privacy that most people don’t...more
Some app developers know more about our health than our doctors do. Take, for instance, FitBit, which is attached to our wrist and measuring in real time our temperature, our heart rate, our steps and whether we have had...more
Everyone knows how I feel about those home genetic testing kits—most people don’t understand that when they send their DNA to a private company that it is not protected by HIPAA or any other law, and the company can legally...more
In the top three of the list of highly sensitive personal data to be concerned about is our medical information. It’s so sensitive because it is so personal. It used to be that our medical information was located in paper...more
The advent of 23andMe, ancestryDNA, and other direct-to- consumer genetic testing products permit patients, from the comfort of their own homes and personal computers, to identify and assess their unique risk of developing...more
Genetic information is basically one’s DNA sequence, which includes health information and genetic information about the individual and their family. It is at the core of one’s individual privacy, as well as providing...more
On January 12, 23andMe announced an agreement with Pfizer to provide the drug company with access to anonymous, aggregated information from consumers who bought 23andMe’s test over the past seven years to learn about their...more