State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
On January 22, the New York State Legislature passed Senate Bill S929, titled the New York Health Information Privacy Act (NYHIPA), which is poised to redefine how businesses handle health and wellness-related data in and...more
American Addiction Centers Inc. faces a class action in the Middle District of Tennessee for allegations that it violated the Health Insurance Portability and Accountability Act (HIPAA) by failing to protect patient data from...more
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
The final weeks for many state legislatures have witnessed significant movements in the U.S. data privacy landscape. Last month, Nebraska Governor Jim Pillen signed the Data Privacy Act, LB1074, into law....more
The Federal Trade Commission (FTC) has assumed the authority to enforce unauthorized data disclosures under the Federal Trade Commission Act (FTC Act). During the past three weeks, the FTC has used this authority to go after...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more
On June 6, 2023, the Florida Digital Bill of Rights (“FDBR”) was signed into law, and goes into effect on July 1, 2024 with some exceptions—the prohibition of government-directed content moderation of social media platforms...more
California has a long history of protecting privacy rights. Article I, Section 1, of the California Constitution expressly provides a right of privacy. Recently, the focus has been on compliance with the California Consumer...more
Healthcare providers are responsible for guarding the health and well-being of their patients. Still, they also have an essential duty to protect the personal information they collect in the process....more
Due diligence properly performed in connection with the purchase and sale of a health care entity is simply different—vastly so—than due diligence performed in other contexts. Failure to recognize this reality can lead to...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
The 21st Century digital age has provided women with numerous sexual and reproductive health tools that track periods, ovulation, and pregnancy. By simply plugging certain health data inputs into these apps, women can now...more
An estimated 82% of the data breaches that occurred in 2022 involved human error or intentional misconduct. That’s why organizations need to be diligent in protecting their data from both internal and external threats. One...more
As with a growing number of states, Connecticut passed a comprehensive consumer privacy law, the Connecticut Data Privacy Act (the “CTDPA”), on May 10, 2022. The CTDPA becomes effective on July 1, 2023 and, in spite of the...more
Game Developer Dodges Loot Box Suit - In-app epi-games are not the same as slot machines, court says. Again with the Noises and Bright Lights - It’s been a while since we reported on defendant Supercell’s...more
In a groundbreaking decision, the Federal Trade Commission (FTC) announced it was diagnosing GoodRx’s use of tracking pixel codes and analytics, its digital strategy, as not only an unfair or deceptive act or abusive practice...more
Healthcare organizations collect and generate tremendous volumes of highly sensitive—and highly regulated—information about patients every day. A substantial portion of this data is personally identifiable information (PII)...more
Millions of women use reproductive health applications (or “apps”) to track menstrual cycles, ovulation, and pregnancy. These apps provide women that use the rhythm method for birth control and women seeking to become...more
The kids may obsess about social media platforms. But just how much do patients want them to snoop into their most personal medical information, accessed due to hidden snippets of computer code embedded on the sites of some...more
Back in November, I wrote on this blog about Big Data being one of the challenges that is forcing technology to move more to the data sooner in the discovery process. One of the most notable fun facts that illustrate just how...more
Health and retirement benefit plans subject to the Employee Retirement Income Security Act (“ERISA”) have troves of personal information regarding plan participants and their beneficiaries - e.g., participants’ age, marital...more