Olivia Vega

Follow:

OCR Seeks Comments Related to Recognized Security Practices and Distribution of Civil Monetary Penalties under the HITECH Act

By Libbie Canter, Anna D. Kraus, Elizabeth Brim & Olivia Vega on April 14, 2022

Posted in Department of Health and Human Services, Health Privacy

In a new post on the Covington Digital Health blog, our colleagues discuss the Office for Civil Rights’ (“OCR”) recently published request for information (“RFI”) seeking comment on implementing certain provisions of the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. The RFI seeks input as to how covered entities and business…

FTC Releases New Health Breach Notification Rule Guidance, Targets Health Apps and Connected Devices

By Libbie Canter, Anna D. Kraus, Olivia Vega & Elizabeth Brim on January 28, 2022

Posted in Data Breaches, Federal Trade Commission, Health Privacy

In a new post on the Covington Digital Health blog, our colleagues discuss recently announced Federal Trade Commission (“FTC”) guidance meant to help companies determine their obligations under the Health Breach Notification Rule (the “Rule”). The guidance follows the FTC’s September 2021 Policy Statement, which expanded the Rule’s application to the developers of health…

Illinois Court Splits Time on BIPA Statute of Limitations

By Olivia Vega, Kathryn Cahoy & Eric Bosset on September 22, 2021

Posted in Data Privacy, United States

An Illinois state appellate court recently issued a ruling that could reduce defendants’ litigation exposure on certain types of Biometric Information Privacy Act (“BIPA”) claims. On September 17, the panel clarified in Tims v. Black Horse Carriers, Inc., 2021 IL App (1st) 200563 (1st Dist. Sept. 17, 2021), that the statutes of limitation applicable to BIPA claims vary depending on the nature of the claim. Claims for failing to provide a written retention policy, give notice, or obtain consent prior to collecting an individual’s biometric information may be brought within five years. But claims for violating BIPA’s selling, disclosing, or disseminating information provisions must be brought within one year.
…
Continue Reading Illinois Court Splits Time on BIPA Statute of Limitations

Proposed Bill Would Expand the Scope of the CMIA

By Olivia Vega & Libbie Canter on July 16, 2021

Posted in Health Privacy, State Legislatures

In a new post on the Covington Digital Health blog, our colleagues discuss proposed legislation that would expand the definition of “provider of health care” under California’s Confidentiality of Medical Information Act (“CMIA”).
Continue Reading Proposed Bill Would Expand the Scope of the CMIA

Florida Legislature Considering Comprehensive Privacy Law

By Libbie Canter, Jayne Ponder, Alexandra Scott & Olivia Vega on April 16, 2021

Posted in Data, Data Privacy, State Legislatures, United States

Florida may be next state to join the growing number of states with a consumer privacy law, as both chambers of Florida’s legislature are currently considering comprehensive state privacy legislation. Both HB 969 and SB 1734 resemble the California Consumer Privacy Act (“CCPA”), though they contain some notable differences. Florida Governor Ron DeSantis expressed support of these measures, stating that these proposals “finally check these companies’ unfettered ability to profit off our data and ensure the protection of Floridians’ personal and private information.”
…
Continue Reading Florida Legislature Considering Comprehensive Privacy Law

Inside Privacy