A Pennsylvania House Committee teed up a potentially imminent floor vote on a comprehensive privacy bill. The Commerce Committee voted unanimously by voice Tuesday to advance HB-78 to the floor. At a livestreamed meeting, the committee also adopted by voice an amendment to delay by six months the proposed effective date to one year after it’s enacted.
Digital advertisers "are still grappling with defining the boundaries of sensitive personal information, such as health data and minors’ information,” according to an Interactive Advertising Bureau survey released Monday.
Kentucky tweaked its comprehensive privacy law to flesh out an exemption for data subject to the Health Insurance Portability and Accountability Act (HIPAA). Gov. Andy Beshear (D) signed the amendment (HB-473) to the 2024 privacy law Saturday after it passed the legislature unanimously (see 2503130017).
The Massachusetts Senate will try to reach consensus on comprehensive privacy legislation this spring, two state senators told us. Privacy Daily has counted eight comprehensive privacy bills so far in the Massachusetts legislature, with four apiece in the House and the Senate.
As the Vermont Senate Institutions Committee cleared a comprehensive privacy bill (S-71) in a 5-0 vote Friday, Chair Wendy Harrison (D) reminded colleagues that the legislature is in the “middle of the process.” A day earlier, the panel replaced the legislation's language with that of an industry-favored bill (S-93), which consumer privacy advocates have called weak (see 2503130053).
The Department of Health and Human Services should withdraw the Biden administration’s proposed Health Insurance Portability and Accountability Act (HIPAA) Security Rule and issue less onerous regulations for healthcare cybersecurity, medical groups said in comments.
The Latvian Data State Inspectorate published a list of data processing activities that don't require data protection assessments. The guidelines aim to give organizations a practical and clear approach to risk identification and management, the privacy watchdog said.
Life insurance company Globe Life was hit with two class-action lawsuits last week in the U.S. District Court for Eastern Texas over its failure to protect the personally identifiable information (PII) of its customers when unauthorized access to information systems was gained in 2024.
The U.S. District Court for Western Washington partially dismissed a class-action complaint Tuesday claiming that a hospital violated the Health Insurance Portability and Accountability Act (HIPAA) and other laws. Plaintiffs alleged that Overlake Hospital Medical Center implemented the Facebook Tracking Pixel and other browser plugins on its website, then disclosed website users' information to third parties, including Facebook and Google, without consent, in violation of HIPAA and the center's privacy policies.
Washington state bills requiring privacy and AI transparency are apparently dead after missing a Friday cutoff to clear fiscal committees in the legislature. However, child privacy bills in the House and Senate cleared their respective fiscal committees in time.