healthcare privacy

FTC Continues to Signal Interest in Digital Health Industry, Publishing Updated Resources

By Julia Kadish on March 15, 2022

Posted in Digital Health, FTC, Healthcare Privacy, US Privacy

The FTC recently published two new resources for complying with the Health Breach Notification Rule. The Rule requires vendors of personal health records (PHR), PHR-related entities and service providers to these entities, to notify consumers and the FTC (and, in some cases, the media) in the event of a breach of unsecured identifiable health information. The guidance reaffirms and adds further clarity to the Agency’s broad interpretation of the Rule released in its policy statement last fall.
Continue Reading FTC Continues to Signal Interest in Digital Health Industry, Publishing Updated Resources

Florida Imposes Criminal Penalties for Improper Processing of DNA

By Julia Kadish & Harrison Schafer on November 1, 2021

Posted in Data Security, Healthcare Privacy

Florida recently passed a law governing DNA samples. The Act places several restrictions on the use, retention, and sharing of DNA samples. Those that violate the Act may face criminal liability.
Continue Reading Florida Imposes Criminal Penalties for Improper Processing of DNA

California Enacts New Privacy Law for Genetic Data

By Julia Kadish & Harrison Schafer on October 12, 2021

Posted in California Privacy, Digital Health, Digital Privacy, Healthcare Privacy

California’s governor recently signed SB 41 into law. The bill enacts the Genetic Information Privacy Act (GIPA). The governor rejected a similar bill last year over concerns about COVID-19 public health efforts. To address that concern, this bill exempts tests used to diagnose whether an individual has a specific disease.
…
Continue Reading California Enacts New Privacy Law for Genetic Data

FTC Warns Digital Health Industry to Comply with its Breach Notification Rule

By Julia Kadish on September 20, 2021

Posted in Digital Health, Digital Privacy, FTC, Healthcare Privacy

The use of apps, wearables, and other devices used to track health and wellness data have continued to rise. The FTC again signaled its focus on this growing industry in a statement on the scope of the Health Breach Notification Rule. In the statement, the FTC called out specific types of apps and trackers that it views as having notification obligations under this rule.
…
Continue Reading FTC Warns Digital Health Industry to Comply with its Breach Notification Rule

Breach of PHI? California AG Reminds Companies of Potential State Notification Obligations

By Julia Kadish on August 27, 2021

Posted in Data Breach, Data Security, Healthcare Privacy, HIPAA

The California AG recently reminded companies in the healthcare industry of potential data breach notification obligations beyond HIPAA. As ransomware attacks continue to rise, particularly in healthcare, companies should keep in mind the patchwork of state and federal health data privacy laws that may apply.
…
Continue Reading Breach of PHI? California AG Reminds Companies of Potential State Notification Obligations

FTC Signals Focus on Healthcare and Technology Platforms, Among Others

By Liisa Thomas, Kari Rollins & Charles Glover on August 12, 2021

Posted in FTC, Healthcare Privacy, US Privacy

The FTC recently voted to authorize the use of compulsory processes—the FTC’s primary investigatory tools—on what it calls “key law enforcement priorities.” The resolutions allow investigators to take actions like issuing subpoenas and civil investigations demands (commonly referred to as “CIDs”) in a variety of areas. Of note is the inclusion of both healthcare markets and technology platforms, signaling a potential FTC interest in those sectors.
…
Continue Reading FTC Signals Focus on Healthcare and Technology Platforms, Among Others

Eye On Privacy