Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
In the wake of the Supreme Court’s landmark decision in Dobbs v. Jackson Women’s Health Organization, issues surrounding the privacy and security of health information have been top of mind for health care providers, consumers, and legislators. The Department of Health and Human Services Office for Civil Rights (OCR), the Federal Trade Commission (FTC), and the California Attorney General have all released guidance addressing the collection, storage, and use of sensitive information concerning reproductive health, signaling increased enforcement in this area. Proposed federal legislation would impose additional obligations on providers of apps and devices that store health and location data. In light of the evolving legal and regulatory landscape, app developers and their counsel should examine developers’ privacy and security practices and take steps to safeguard sensitive data related to reproductive health.
*May exclude premium content
By Rita W. Garry
While the ADPPA represents compromises between Democratic and Republican leadership of the U.S. Senate and House of Representatives, particularly around the thorny issues of state law preemption and private rights of action, there are other legislative and big tech industry players pushing their own agendas for comprehensive national data privacy and security frameworks.
By John Beardwood and Shan Arora
Part One In a Series
This article, which reviews the Canadian Consumer Privacy Protection Act, first seeks to identify the delta between the Act and PIPEDA in order to allow privacy officers of organizations that are already PIPEDA compliant to identify the net new compliance requirements under the Act and second, to highlight the provisions of the Act which, if breached, could lead to the imposition of significant fines.
By Kyle Fath, Alan Friel, Shea Leitch and David J. Oberly
While the the California Privacy Protection Agency kicked some of the more difficult issues down the road for further consideration, its first draft of proposed Regs is quite comprehensive with respect to the issues addressed. The authority for some of what is proposed is questionable and will likely be challenged in comments, if not judicial action, if such provisions become final.
By Rich Hale
Unstructured data comprises 80% of total data volume for legal organizations, which means that on average, only one-fifth of the entirety of the data set is properly secured and actively managed. Although some believe that ignoring unstructured data establishes plausible deniability that relinquishes them from culpability when a breach occurs, it’s an untenable position from both a regulatory and brand reputational perspective.