On March 18, 2024, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued updated guidance regarding the use of online tracking technologies by entities and business associates subject to...more
On August 5, 2024, the Office of the National Coordinator for Health Information Technology— now known as the Assistant Secretary for Technology Policy/Office of the National Coordinator for Health IT (“ASTP/ONC”) within the...more
The U.S. Supreme Court’s 2022 decision in Dobbs v. Jackson Women’s Health Organization to eliminate the federal constitutional right to abortion continues to alter the legal landscape across the country.
On April 26, 2024,...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
9/20/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Personally Identifiable Information ,
PHI ,
Risk Assessment ,
State Privacy Laws
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
9/16/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Disclosure Requirements ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
PHI ,
State Privacy Laws ,
Targeted Digital Advertising
On May 17, 2024, Colorado Governor Jared Polis signed into law SB 24-205—concerning consumer protections in interactions with artificial intelligence systems—after the Senate passed the bill on May 3, and the House of...more
5/20/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Colorado ,
Employer Liability Issues ,
Innovative Technology ,
Machine Learning ,
New Legislation ,
Popular ,
Regulatory Reform ,
Regulatory Requirements
On May 17, 2024, Colorado Governor Jared Polis signed into law SB 24-205—concerning consumer protections in interactions with artificial intelligence systems—after the Senate passed the bill on May 3. The law adds a new part...more
5/20/2024
/ Algorithms ,
Artificial Intelligence ,
Automation Systems ,
Colorado ,
Innovative Technology ,
Machine Learning ,
Non-Discrimination Rules ,
Pending Legislation ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Risk Management
Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more
3/15/2024
/ Audits ,
Compliance ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Medical Records ,
NIST ,
OCR ,
SAMHSA
New York Governor, Kathy Hochul, recently announced proposed cybersecurity rules for New York hospitals, which are due to be imminently published in the State Register on December 6, 2023, subject to approval by the Public...more
11/30/2023
/ Cybersecurity ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Healthcare ,
New York ,
Patient Privacy Rights ,
PHI ,
Popular ,
Proposed Rules ,
Regulatory Agenda ,
Regulatory Reform
On June 16, 2023, Nevada enacted Senate Bill 370 (“SB 370”), which imposes broad restrictions on the collection, use, and sale of consumer health data. This law is set to go into effect on March 31, 2024....more
Recently, Florida Governor Ron DeSantis signed Senate Bill 262 and Senate Bill 264 into law. These new laws grant Floridians greater control over their personal data and establish a new standard for data handling and...more
7/6/2023
/ Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Enforcement ,
Florida ,
New Legislation ,
Offshoring ,
Opt-Outs ,
Personal Data ,
PHI ,
Sensitive Personal Information ,
Software ,
State Bans
A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly...more
6/29/2023
/ Amazon Web Services (AWS) ,
Clinical Laboratory Testing ,
Consumer Privacy Rights ,
Data Management ,
Data Privacy ,
DNA ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Genetic Materials ,
Genetic Testing ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Human Genes ,
Life Sciences ,
Popular ,
Privacy Policy
Introduction -
Following the Supreme Court decision in Dobbs v. Jackson Women’s Health Organization overturning Roe v. Wade, the federal government, pursuant to President Biden’s Executive Order (the EO) took several steps...more
6/13/2023
/ Abortion ,
Biden Administration ,
Comment Period ,
Department of Health and Human Services (HHS) ,
Dobbs v. Jackson Women’s Health Organization ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Healthcare Reform ,
OCR ,
Patient Privacy Rights ,
PHI ,
Proposed Rules ,
Regulatory Agenda ,
Reproductive Healthcare Issues ,
Women's Rights
We’ve all heard troubling stories involving emerging tools powered by artificial intelligence (AI), in which algorithms yield unintended, biased, or erroneous results. Here are a few examples:
- A monitoring tool for...more
6/8/2023
/ Algorithms ,
Artificial Intelligence ,
Bias ,
Consumer Product Companies ,
Employer Liability Issues ,
Facial Recognition Technology ,
Health Care Providers ,
Life Sciences ,
Privacy Laws ,
Race Discrimination ,
Risk Management ,
Webinars
On May 18, 2023, the Federal Trade Commission (FTC) filed a Notice of Proposed Rulemaking and Request for Public Comment (“NPRM”) seeking to amend the Health Breach Notification Rule (“HBNR”). We previously wrote about the...more
In the absence of a comprehensive federal data privacy law, state legislators continue to add to the often-contradictory array of laws aimed at protecting the security and privacy of their residents’ data. Very recently,...more
In the absence of a federal law directly aimed at regulating artificial intelligence (AI), the Federal Trade Commission (FTC) is seeking to position itself as one of the primary regulators of this emergent technology through...more
On April 11, 2023, U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced its plan for termination of the existing notifications of enforcement discretion related to the expiration of the...more
4/12/2023
/ Coronavirus/COVID-19 ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Infectious Diseases ,
OCR ,
PHI ,
Public Health Emergency ,
Telehealth ,
Telemedicine
On February 17, 2023, the Federal Trade Commission (“FTC”) announced the creation of the Office of Technology (the “OT”), which will be headed by Stephanie T. Nguyen as Chief Technology Officer. This development comes on the...more
More than just New Year’s resolutions went into effect when the clock struck midnight on January 1, 2023. The California Privacy Rights Act (“CPRA”) and the Virginia Consumer Data Protection Act (“VCPDA”) are now effective in...more
On December 1, 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) published a bulletin warning that commonly used website technologies, including cookies, pixels, and session...more
On July 8, two weeks following the Supreme Court’s ruling in Dobbs v. Jackson that invalidated the constitutional right to abortion, President Biden signed Executive Order 14076 (E.O.). The E.O. directed federal agencies to...more
The U.S. Supreme Court is expected to imminently issue its opinion in the case Dobbs v. Jackson Women’s Health Organization (“Dobbs”). If the Court rules in a manner to overturn Roe v. Wade, states will have discretion in...more
As reported in a June 3, 2022 press release from the House Committee on Energy and Commerce, U.S. Representatives Frank Pallone, Cathy McMorris Rodgers, and Senator Roger Wicker released a “discussion draft” of a federal data...more
Establishing and maintaining effective systems to protect sensitive personal data and confidential business information from outside interference while also assuring that privacy interests are protected is among an...more