The California Privacy Protection Agency (“CPPA”) announced it will hold a special meeting on July 28, 2022 at 9 a.m. PST to discuss and potentially act on proposed federal privacy legislation, including the bipartisan American Data Protection and Privacy Act (“ADPPA”) (H.R. 8152). The ADPPA is a comprehensive data privacy bill that advanced through
OCR Seeks Comments Related to Recognized Security Practices and Distribution of Civil Monetary Penalties under the HITECH Act
In a new post on the Covington Digital Health blog, our colleagues discuss the Office for Civil Rights’ (“OCR”) recently published request for information (“RFI”) seeking comment on implementing certain provisions of the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. The RFI seeks input as to how covered entities and business
FTC Releases New Health Breach Notification Rule Guidance, Targets Health Apps and Connected Devices
In a new post on the Covington Digital Health blog, our colleagues discuss recently announced Federal Trade Commission (“FTC”) guidance meant to help companies determine their obligations under the Health Breach Notification Rule (the “Rule”). The guidance follows the FTC’s September 2021 Policy Statement, which expanded the Rule’s application to the developers of health
Illinois Court Splits Time on BIPA Statute of Limitations
An Illinois state appellate court recently issued a ruling that could reduce defendants’ litigation exposure on certain types of Biometric Information Privacy Act (“BIPA”) claims. On September 17, the panel clarified in Tims v. Black Horse Carriers, Inc., 2021 IL App (1st) 200563 (1st Dist. Sept. 17, 2021), that the statutes of limitation applicable to BIPA claims vary depending on the nature of the claim. Claims for failing to provide a written retention policy, give notice, or obtain consent prior to collecting an individual’s biometric information may be brought within five years. But claims for violating BIPA’s selling, disclosing, or disseminating information provisions must be brought within one year.
Continue Reading Illinois Court Splits Time on BIPA Statute of Limitations
Proposed Bill Would Expand the Scope of the CMIA
In a new post on the Covington Digital Health blog, our colleagues discuss proposed legislation that would expand the definition of “provider of health care” under California’s Confidentiality of Medical Information Act (“CMIA”).
Continue Reading Proposed Bill Would Expand the Scope of the CMIA
Florida Legislature Considering Comprehensive Privacy Law
Florida may be next state to join the growing number of states with a consumer privacy law, as both chambers of Florida’s legislature are currently considering comprehensive state privacy legislation. Both HB 969 and SB 1734 resemble the California Consumer Privacy Act (“CCPA”), though they contain some notable differences. Florida Governor Ron DeSantis expressed support of these measures, stating that these proposals “finally check these companies’ unfettered ability to profit off our data and ensure the protection of Floridians’ personal and private information.”
Continue Reading Florida Legislature Considering Comprehensive Privacy Law