The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced an $800,000 settlement with BayCare Health System for alleged violations of the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. The Wednesday settlement ends an OCR investigation into whether unauthorized access to an individual's electronic protected health information (ePHI) occurred at the Florida provider.
Pennsylvania announced a $45,000 settlement with property management company Home365 over the firm's failure to address tenants' maintenance needs due to its use of an AI system, which performed poorly. Maintenance delays and the resulting unsafe housing were found to be a violation of the state’s Unfair Trade Practices and Consumer Protection Law, the AG said.
The FTC finalized a settlement with GoDaddy over allegations that the domain registry failed to implement proper security measures, which prompted data breaches, the commission said Wednesday. Under the order, GoDaddy cannot make misrepresentations about its security or compliance with privacy or security programs. In addition, it must establish an information-security program and hire a third-party assessor to review it.
State attorneys general last week made unfounded claims against House Republicans’ proposed AI moratorium, Rep. Jay Obernolte, R-Calif., told us Tuesday. The moratorium doesn’t block states from enforcing traditional consumer protection laws, he added.
Privacy Daily is providing readers with the top stories from last week, in case you missed them. All articles can be found by searching the title or clicking on the hyperlinked reference number.
Increased FTC enforcement and expanding state regulatory requirements mean it's crucial that advertisers ensure their consumer health data activity complies with consumer privacy laws, said panelists during a Wiley health advertising webinar Tuesday.
A proposed settlement has been reached in a case involving Google's alleged violation of children's privacy, according to a joint court document filed Friday.
Google's nearly $1.4 billion settlement with Texas solidifies the state's status as an aggressive privacy enforcer, lawyers and consumer privacy advocates said Monday. Texas announced the settlement Friday in a case involving Google's allegedly unlawful tracking and collection of users' personal information, including geolocation and biometric data (see 2505090071).
Irish Data Protection Commission Deputy Commissioner Cian O'Brien sees a "welcome trend" toward greater agreement among EU data protection authorities (DPAs) in enforcement cases. He spoke Friday during an IAPP webinar about the office's decision against TikTok.
Incorporating children's and teen safety into privacy has led to a variety of approaches under state law, said two Latham Watkins attorneys on a panel at the Privacy + Security Forum spring academy Friday. An age-gate is the best way for companies to ensure compliance with all of them, they added.