On November 3, 2022, Pennsylvania Governor Tom Wolf singed Senate Bill 636 into law, amending Pennsylvania’s breach notification law.
Continue Reading Pennsylvania Amends Breach Notification Law
Personal Health Information
NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
Posted on
On October 18, 2022, the New York State Department of Financial Services announced that EyeMed Vision Care LLC agreed to a $4.5 million settlement for violations of the Cybersecurity Regulation that contributed to the exposure of hundreds of thousands of consumers’ health data in connection with a cybersecurity event in 2020.
Continue Reading NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations
New California Laws Enhance Reproductive Health Privacy Protections
Posted on
On September 27, 2022, California Governor Gavin Newsom signed into law a pair of bills designed to prevent medical information and other data held by California entities from being used in out-of-state abortion prosecutions.
Continue Reading New California Laws Enhance Reproductive Health Privacy Protections
OCR Announces $300,000 Settlement Related to Improper Disposal of Physical PHI
Posted on
On August 23, 2022, the U.S. Department of Health & Human Services, Office for Civil Rights announced that it had settled a case involving the disposal of physical protected health information. …
Continue Reading OCR Announces $300,000 Settlement Related to Improper Disposal of Physical PHI
NIST Publishes New Draft Guidance on HIPAA Security Rule
Posted on
On July 21, 2022, the National Institute of Standards and Technology released an updated draft of its HIPAA Security Rule guidance. …
Continue Reading NIST Publishes New Draft Guidance on HIPAA Security Rule
President Biden Issues Executive Order Protecting Privacy of Reproductive Health Data
Posted on
Posted in Enforcement, Health Privacy
On July 8, 2022, President Biden issued an Executive Order titled, “Protecting Access to Reproductive Health Care Services,” in response to the overturning of Roe v. Wade. …
Continue Reading President Biden Issues Executive Order Protecting Privacy of Reproductive Health Data
California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information
Posted on
On May 26, 2022, California Attorney General Rob Bonta issued a press release reminding health app providers that California’s Confidentiality of Medical Information Act applies to mobile apps that are designed to store medical information, which includes health apps such as fertility trackers. …
Continue Reading California Attorney General Reminds Health App Providers of Obligations to Protect Reproductive Health Information
FTC Settles Children’s Privacy Case with WW (formerly Weight Watchers)
Posted on
The Federal Trade Commission has reached a settlement with WW International, Inc. and Kurbo, Inc. over allegations the companies improperly registered children for the “Kurbo by WW” online weight loss management program. In pleadings filed on February 16, 2022, in federal court in the Northern District of California, the FTC claims WW and Kurbo offered…
California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others
Posted on
Posted in Health Privacy, U.S. State Law
During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020, California’s data breach notification law and California’s data security law. Additional bills, amending the California Confidentiality of Medical Information Act and the California Insurance Code, also were also signed into law. The Governor also signed into law a bill protecting the privacy and security of genetic data processed by direct-to-consumer genetic testing companies, and a bill designed to prevent the sale, purchase and use of data obtained by illegal means.
Continue Reading California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others
Florida’s Protecting DNA Privacy Act Goes into Effect
Posted on
Posted in Health Privacy, U.S. State Law
On October 1, 2021, Florida’s Protecting DNA Privacy Act took effect. The Act, signed into law by Governor Ron DeSantis on June 29, restricts the collection, use, retention, maintenance, analysis and disclosure of any DNA sample or analysis derived from a person in Florida.
Continue Reading Florida’s Protecting DNA Privacy Act Goes into Effect