The Massachusetts Senate will try to reach consensus on comprehensive privacy legislation this spring, two state senators told us. Privacy Daily has counted eight comprehensive privacy bills so far in the Massachusetts legislature, with four apiece in the House and the Senate.
As the Vermont Senate Institutions Committee cleared a comprehensive privacy bill (S-71) in a 5-0 vote Friday, Chair Wendy Harrison (D) reminded colleagues that the legislature is in the “middle of the process.” A day earlier, the panel replaced the legislation's language with that of an industry-favored bill (S-93), which consumer privacy advocates have called weak (see 2503130053).
The Department of Health and Human Services should withdraw the Biden administration’s proposed Health Insurance Portability and Accountability Act (HIPAA) Security Rule and issue less onerous regulations for healthcare cybersecurity, medical groups said in comments.
The Latvian Data State Inspectorate published a list of data processing activities that don't require data protection assessments. The guidelines aim to give organizations a practical and clear approach to risk identification and management, the privacy watchdog said.
Life insurance company Globe Life was hit with two class-action lawsuits last week in the U.S. District Court for Eastern Texas over its failure to protect the personally identifiable information (PII) of its customers when unauthorized access to information systems was gained in 2024.
The U.S. District Court for Western Washington partially dismissed a class-action complaint Tuesday claiming that a hospital violated the Health Insurance Portability and Accountability Act (HIPAA) and other laws. Plaintiffs alleged that Overlake Hospital Medical Center implemented the Facebook Tracking Pixel and other browser plugins on its website, then disclosed website users' information to third parties, including Facebook and Google, without consent, in violation of HIPAA and the center's privacy policies.
Washington state bills requiring privacy and AI transparency are apparently dead after missing a Friday cutoff to clear fiscal committees in the legislature. However, child privacy bills in the House and Senate cleared their respective fiscal committees in time.
Vermont Rep. Monique Priestley (D) criticized a comprehensive privacy bill introduced Thursday in the state Senate. Sen. Thomas Chittenden (D) introduced S-93 on the same day that the Senate Institutions Committee started walking through the Senate version (S-71) of Priestley’s previously introduced H-208, which also seeks a broad data privacy law (see 2502130013).
The Office for Civil Rights (OCR) at the Department of Health and Human Services (HHS) announced that eyewear company Warby Parker must pay a $1.5 million penalty after a data breach that violated the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, the department announced Thursday.
House Commerce Committee Republicans on Friday requested public input on potential federal privacy legislation. The elimination of a private right of action, preemption of state privacy and AI laws and conflicts with existing federal law were among the topics Republicans outlined in their request for information (RFI).