The United States Court of Appeals for the Fifth Circuit recently vacated a 4.3 million dollar civil monetary penalty imposed by the Department of Health and Human Services’ Office for Civil Rights in 2017 against the University of Texas M.D. Anderson Cancer Center, holding that the penalty was “arbitrary, capricious, and otherwise unlawful.”
Continue Reading Fifth Circuit Court of Appeals Vacates MD Anderson HIPAA Penalty

On September 30, 2020, Anthem, Inc., entered into an assurance of voluntary compliance with the attorneys general of 42 states and the District of Columbia to resolve claims under state and federal law relating to Anthem’s 2015 data breach of personal information and protected health information, the largest breach of PHI in history.
Continue Reading 42 States and District of Columbia Enter into $39.5 Million Agreement with Anthem to Settle Breach-Related Claims

On August 31, 2020, the California Senate joined the Assembly in passing SB-980, as amended, a bill to establish the Genetic Information Privacy Act, which would require direct-to-consumer genetic testing companies to comply with certain privacy and data security provisions. The bill is pending California Governor Gavin Newsom’s signature.
Continue Reading California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

On June 11, 2020, the California Senate amended AB-713 to the California Consumer Privacy Act. The Senate’s recent amendments impose new contractual obligations on the use or sale of de-identified information and modify the exemption from the CCPA for information used for public health purposes.
Continue Reading California Senate Proposes Amendment to CCPA to Address De-Identification and Information Used for Research and Public Health Purposes

On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act went into effect. The SHIELD Act requires any person or business owning or licensing computerized data that includes the private information of a resident of New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information.
Continue Reading New York SHIELD Act Requires Safeguards to Protect Private Information