State AG Pulse | CT AG Reacts to Genetic Data Breach
In November 2023, a class action lawsuit was filed against the genetic testing company, 23andMe. The plaintiffs alleged that a data breach resulted in the unauthorized disclosure of 6.9 million users’ personal and genetic...more
Washington’s My Health My Data Act implements strict—and separate—consent requirements for the collection and sharing of an individual’s health data, with few exceptions. As of March 31, 2024 the Washington My Health My...more
In October of 2023, a hacker claimed online that they had 23andMe users’ profile information. We know this as a result of 23andMe’s required statement to the U.S. Securities and Exchange Commission (SEC) on December 1, 2023. ...more
On June 17, 2023, Texas enacted legislation (the “Legislation”) limiting use of genetic data by certain genetic data testing companies, joining a number of other states in tackling the ever-increasing privacy concerns...more
In the FTC’s first case focused on the privacy and security of genetic information, the FTC alleges that San Francisco-based Vitagene, Inc. – now known as 1Health.io – failed to live up to its promises and unfairly changed...more
Since the privacy and security regulations were issued under the federal Health Insurance Portability and Accountability Act (HIPAA), critics pointed to the limitations on the reach of those rules. A critical limitation...more
Californians voted to enact the California Privacy Rights Act (“CPRA”) almost one year ago. Last week, Governor Gavin Newsom signed three new privacy bills into law....more