On July 1, 2024, the amendments to the Health Breach Notification Rule (HBNR) went into effect. First promulgated in 2009, the HBNR applies to vendors of personal health records — entities that are not covered by the Health...more
7/3/2024
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Popular
As privacy laws continue to proliferate in the U.S. and globally, there is one trend that companies, especially those operating in the health and pharmaceutical sectors, can no longer overlook. This is the trend towards data...more
Overview -
On February 28, 2024, the Biden administration released an Executive Order that would restrict “countries of concern” from accessing Americans’ sensitive personal data, including “genomic data, biometric data,...more
The U.S. privacy landscape has changed rapidly over the past few years. But the most significant recent changes relate to “consumer health data” — health information about identified or identifiable consumers that falls...more
On June 30, 2023, the Superior Court of California, County of Sacramento, Judge James Arguelles presiding, issued an order prohibiting the California Privacy and Protection Agency (the Agency) from enforcing regulations...more
On August 24, 2022, California Attorney General Rob Bonta announced a settlement with Sephora for violations of the California Consumer Privacy Act (CCPA). The action places online consumer tracking, analytics and advertising...more
In this fourth alert in our series regarding the European Parliament’s formal endorsement of a new collective actions legislation titled the Directive of the European Parliament and of the Council on Representative Actions...more
Yesterday, the FTC issued a policy statement announcing a new interpretation of the FTC’s 10-year-old “Personal Health Record Breach Notification Rule.” As the FTC acknowledges, this rule has never been enforced by the FTC....more
In early June 2021, the European Commission adopted a new set of Standard Contractual Clauses for organizations to use to ensure compliance with the EU General Data Protection Regulation (GDPR) requirements for transfers of...more
Following on from this week’s big announcement by the European Data Protection Board (EDPB) on its expectations for international data transfers after the European Court of Justice’s July 16 Schrems II decision, the European...more
On November 11, 2020, the European Data Protection Board (EDPB) issued two much-anticipated guidance documents, outlining the approach it expects organizations to take when transferring data out of the EU. Although these...more
On July 16, the highest court in the European Union (EU), the Court of Justice of the European Union (CJEU), issued a landmark judgment in the case of Data Protection Commissioner v Facebook Ireland Limited, Maximillian...more
On May 14, 2020, the U.S. Food and Drug Administration (FDA) updated its FDA Guidance on Conduct of Clinical Trials of Medical Products during COVID-19 Public Health Emergency – Guidance for Industry, Investigators, and...more
New guidance issued by the U.S. Equal Employment Opportunity Commission (EEOC) in the United States has advised that employers may measure employees’ body temperature given that the Centers for Disease Control and Prevention...more
On March 18, the U.S. Food and Drug Administration (FDA) issued a final guidance titled FDA Guidance on Conduct of Clinical Trials of Medical Products During COVID-19 Pandemic, providing important guidance for industry,...more
After a long wait, the California Attorney General’s (AG) office held a news conference on October 10, 2019, and published proposed regulations implementing the California Consumer Privacy Act (CCPA). Companies gearing up for...more
10/17/2019
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consent ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Processors ,
Notice Requirements ,
Opt-Outs ,
Personally Identifiable Information ,
Proposed Regulation ,
Public Comment ,
Public Hearing ,
Recordkeeping Requirements ,
Request For Information ,
Rulemaking Process
The long anticipated amendments to the CCPA were passed by the California Legislature in early September and now await Governor Newsom’s signature. Some of the changes were “clean up” amendments to update cross references,...more
9/19/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Newsom ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete