Data Matters Privacy Blog Home Page - Data Matters Privacy Blog

On June 29, the day after California Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law, Data Matters provided a summary of the important new legislation. In doing so, we noted that the law was scheduled to go into effect on January 1, 2020 and that, if and when it did, it would be the “broadest privacy law in the United States” and “may well have an outsize influence on privacy laws nationwide.” Because of this, we further predicted that “[t]he coming months will no doubt stimulate considerable legislative and litigation activity to test the acceptability of [the CCPA’s] effects on interstate commerce, free speech, commercial innovation, reasonable regulatory burdens and meaningful privacy protection.”

California, Financial Privacy, General, U.S. State Law

After LabMD, Questions Remain for the Healthcare Sector

Aug 15 2018

Christopher Fonzone and Kate Heinzelman

*This article first appeared in the July 2018 issue of Digital Health Legal

Massive data breaches. Threats to medical devices. The Internet of Persons. Healthcare entities are all too familiar with the rising cyber threat. But they are also familiar with the complex array of laws and regulations in the United States that attempt to address the threat and the potentially significant compliance costs and risks caused by that complexity. The US Court of Appeals for the Eleventh Circuit’s recent and long-awaited decision in LabMD v. Federal Trade Commission, which trimmed the sails of one of the primary regulators of the healthcare information security landscape, may thus appear to some, at first blush, to be a necessary corrective. Yet closer inspection shows that the Eleventh Circuit’s decision raises more questions than it answers – and that its true implications will only become clear once we see how federal regulators, the courts, and perhaps Congress respond.

Read More

Cybersecurity, Data Breaches, Enforcement, FTC, Health Privacy, Information Security, Internet of Things, Legislation, Online Privacy

Japan Granted Adequacy Deal on Data Protection by the EU

Aug 08 2018

William RM Long, Akira Nakazawa, Geraldine Scali, Tomoki Ishiara and Jasmine Agyekum

On July 17, 2018, the European Commission released a press release announcing Japan and the European Union have concluded talks on reciprocal adequacy of their respective data protection systems, alongside a corresponding Q&A on reciprocal adequacy. After successful negotiations, both jurisdictions have reached a mutual adequacy arrangement, recognising the adequacy in each jurisdiction’s data protection framework and representing the first time that the EU and a third country have agreed on a reciprocal recognition of the level of “adequate” data protection.

APEC, Asia, European Union, International

HHS Secretary Azar Signals Future Changes to Federal Health Privacy Regulations

Aug 07 2018

Meenakshi Datta, Kate Heinzelman and Corbin Santo

In a recent speech outlining the Trump Administration’s healthcare regulatory reform efforts, Secretary of Health and Human Services (HHS) Alex Azar announced that the Administration will soon begin considering changes to federal health privacy regulations.

Health Privacy, HHS, HIPAA, Policy

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

Aug 01 2018

Eric S. Mattson

Ever since the D.C. Circuit struck down the FCC’s overbroad rule defining “auto-dialers” under the Telephone Consumer Protection Act, district courts have debated the scope of the D.C. Circuit’s ruling: Did it effectively strike down earlier FCC pronouncements on what qualifies as an auto-dialer? In a carefully reasoned opinion, a district court judge in Chicago held last week that it did.

FCC, Litigation, Marketing, TCPA, Telemarketing

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Jul 30 2018

Christopher Fonzone and Stephen McInerney

In October 2017, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. According to NAIC’s news release announcing this development, the Model Law was meant to build on the organization’s cybersecurity progress and create a “platform that enhances our mission of protecting consumers.” (For more information on the development of the Model Law, see our prior coverage.)

Cybersecurity, Data Breaches, Financial Privacy, Information Security, Insurance, Legislation, Policy, U.S. State Law

Privacy as a “Fundamental Right” Clouds Smart Regulation

Jul 16 2018

Alan Charles Raul

*Originally Published July 12, 2018 by Chambers and Partners Data Protection & Cyber Security 2018

There is a lot going on with privacy around the world. As discussed in the chapters of this book, significant new laws are being adopted or taking effect, important judicial decisions are being decided to interpret existing legal requirements, and citizens are contending with their own expectations about confounding new technologies and business models. It is not clear, however, that the public policy being developed in any country is a thoughtful reaction to the promises and perils of today’s digital economy, rather than a knee-jerk over-reaction to imagined harms and a handful of high-profile incidents.

California, European Union, FTC, GDPR, General, International, Legislation, Litigation, U.S. State Law

Coalition Groups Weigh In on CCPA Clean Up Legislation

After LabMD, Questions Remain for the Healthcare Sector

Japan Granted Adequacy Deal on Data Protection by the EU

HHS Secretary Azar Signals Future Changes to Federal Health Privacy Regulations

New Case Sheds Further Light on the Definition of Autodialer under the TCPA

South Carolina Becomes the First State to Enact the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law

Categories

Archives

Contacts