While a change in opinion from notice-and-choice data minimization requirements is highlighted by several recent laws, whether there is a true paradigm shift cannot be understood until they go into effect and become enforceable, said the Future of Privacy Forum (FPF) in a report Thursday.
The California Assembly on Tuesday passed a bill aimed at protecting reproductive health privacy, including through a private right of action. The bill, which appropriators recently cleared (see 2505230062), now moves to the Senate.
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced an $800,000 settlement with BayCare Health System for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The Wednesday settlement ends an OCR investigation into whether unauthorized access to an individual's electronic protected health information (ePHI) occurred at the Florida provider.
California appropriators greenlit a plethora of privacy bills at Friday meetings. Assembly and Senate panels ticked through a laundry list of “suspense file” bills, including on age assurance, automated decisions, reproductive health, workplace surveillance and revisions of the California Invasion of Privacy Act (CIPA). The approved bills could get floor votes next.
While a California bill on AI in the workplace “aims to protect workers, employers have expressed concerns about how it might affect business efficiency and innovation,” JacksonLewis attorneys Joseph Lazzarotti and Sierra Vierra blogged Wednesday.
A Nevada genetic privacy bill responds to the 23andMe bankruptcy and Trump administration misinformation about people with autism, Nevada Assembly Speaker Steve Yeager (D) said Thursday. Yeager urged passage of his AB-589 at a livestreamed Assembly Government Affairs Committee hearing.
Since data-protection litigation and enforcement are on the rise, companies can't assume data practices instituted years ago will insulate them from compliance issues, said privacy experts during a webinar hosted Thursday by Privado, a privacy vendor. New regulations and older laws leveraged to cover evolving technologies have made overseeing data and privacy a corporate priority, they said.
While well-intentioned, privacy regulations in health care result in fragmented patient data across systems and institutions, which impedes optimal care and scientific advancements, said a Tuesday blog post from consultants at Access Partnership, a public policy firm.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Increased FTC enforcement and expanding state regulatory requirements mean it's crucial that advertisers ensure their consumer health data activity complies with consumer privacy laws, said panelists during a Wiley health advertising webinar Tuesday.