BakerHostetler

Subscribe to all posts by BakerHostetler

An Introduction to Washington’s My Health My Data Act

By Andreas Kaltsounis and BakerHostetler on April 19, 2023 Posted in Data Privacy, Healthcare

On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law. The MHMD Act is the result of Washington state’s multi-year effort to pass comprehensive privacy legislation fueled by new fears about access to reproductive health care … Continue Reading

US Facial Recognition Firm Ordered to Stop Processing UK and Australian Data and Pay Fine Over Privacy Law Violations

By Jeewon Serrato and BakerHostetler on December 15, 2021 Posted in AI, Biometrics, Data Privacy, GDPR, Privacy, Privacy Litigation

ICO and OAIC Find ‘Serious Breaches’ of Privacy Law On Nov. 29, 2021, the U.K. Information Commissioner’s Office (ICO) announced a provisional intent to fine Clearview AI over £17 million, alleging several privacy violations related to the company’s use of “scraped” data and biometrics of individuals. More significantly, the provisional order would require the company … Continue Reading

Colorado’s Privacy Act: A Curve Ball on Consent and Targeted Ads

By Andreas Kaltsounis, Stanton Burke and BakerHostetler on August 3, 2021 Posted in Advertising

On July 7, 2021, Gov. Jared Polis signed the Colorado Privacy Act (CoPA) into law, making Colorado the third state to enact a comprehensive privacy law, joining California and Virginia. The Act goes into effect on July 1, 2023, and shares many of the rights and obligations provided in other comprehensive privacy laws such as … Continue Reading

Highly Anticipated SCOTUS Ruling Upends TCPA Landscape

By Melinda L. McLellan and BakerHostetler on April 13, 2021 Posted in Telephone Consumer Protection Act

In a landmark decision issued April 1, 2021, the Supreme Court settled a hotly-contested debate over the definition of “automatic telephone dialing system” (or “autodialer”) under the 1991 Telephone Consumer Privacy Act (“TCPA”). The Court’s decision is likely to upend the TCPA compliance and litigation landscape, as the law’s private right of action coupled with … Continue Reading

Privacy-Forward California AG Xavier Becerra Confirmed as Next HHS Secretary

By Aleksandra Vold and BakerHostetler on March 31, 2021 Posted in HHS

On March 19, 2021, Xavier Becerra was confirmed as the secretary of the U.S. Department of Health and Human Services (HHS). HHS is the federal regulatory body that oversees the Office for Civil Rights (OCR), which is the primary federal enforcer of the Health Insurance Portability and Accountability Act (HIPAA). The secretary oversees 11 operating … Continue Reading

Virginia Becomes the Second State with a Comprehensive Privacy Law

By Kyle Dull, Kyle R. Fath and BakerHostetler on March 2, 2021 Posted in CDPA

Governor Ralph Northam has signed the Consumer Data Protection Act (CDPA), making Virginia the second state with a comprehensive privacy law. The CDPA is inspired by both the California Consumer Privacy Act (CCPA) and the EU’s General Data Protection Regulation and takes effect Jan. 1, 2023 (the same date as most of the provisions of … Continue Reading

Virginia Poised to Enact the Consumer Data Protection Act, the Nation’s Second Comprehensive Consumer Privacy Law

By Alan L. Friel, Kyle Dull, Kyle R. Fath and BakerHostetler on February 17, 2021 Posted in CDPA

Having passed both houses of the Virginia General Assembly, the proposed Consumer Data Protection Act (CDPA) may become the second comprehensive consumer privacy bill to be enacted in the United States. However, to reach the governor’s desk, it would need three more readings in the Senate and two more readings in the House, prior to … Continue Reading

Apple to Require New Privacy Disclosures for Apps as of December 8, 2020

By Kyle R. Fath and BakerHostetler on November 30, 2020 Posted in Privacy

During its annual Worldwide Developers Conference this summer, Apple announced a handful of new consumer-oriented privacy features coming to its software and devices. One feature will require app publishers to disclose information regarding their apps’ data collection and use practices in what some are referring to as a privacy “nutrition label.” Another significant privacy feature … Continue Reading

California OAG Proposes New CCPA Regs Two Weeks Before Voters Decide on the Fate of CCPA 2.0

By Alan L. Friel, Jeewon Serrato and BakerHostetler on October 20, 2020 Posted in CCPA

On Monday, Oct. 12, the California Office of the Attorney General (the Attorney General or OAG) released a third set of proposed modifications to the California Consumer Privacy Act (CCPA) regulations (the Regulations). The full text can be found on the Attorney General’s website here. The proposed modifications to the Regulations are limited to four … Continue Reading

Register for the Digital Transformation and Data Economy Four-Part Webinar Series starting on May 6

By BakerHostetler on April 29, 2020 Posted in Digital Transformation

Join BakerHostetler’s NEW Digital Transformation and Data Economy Team (DTDE) for a four-part webinar series where attorneys will cover legal implications surrounding COVID-19 for business leaders and provide practical answers and actionable advice. The DTDE team is designed to help you determine where your opportunities and vulnerabilities lie and design a plan to manage, protect and … Continue Reading

Joint Agencies Issue Guidance on Prevalence of Cyberattacks Exploiting COVID-19 and Teleworking

By BakerHostetler on April 23, 2020 Posted in Cybersecurity

On Friday, April 10, 2020, the Department of Homeland Security, the Cybersecurity and Infrastructure Agency and the United Kingdom’s National Cyber Security Centre (NCSC) (jointly, the Agencies) issued a joint statement regarding the growing prevalence of COVID-19-related cyberattacks. The alert focuses on advanced persistent threat (APT) groups and other cybercriminals that are targeting organizations with … Continue Reading

Upcoming Webinars

By BakerHostetler on April 21, 2020 Posted in Advertising, CCPA

April 23, 2020: Marketing, Promoting and Pricing Your Products During the Pandemic For some companies, the COVID-19 pandemic has meant trying to cope with flying-off-the-shelf demand; for others, it has meant retail shutdowns, force majeure and trying to find creative new ways to keep sales afloat. For all of us, it has been a time … Continue Reading

The Washington Privacy Act Is Back

By Andreas Kaltsounis and BakerHostetler on March 2, 2020 Posted in Consumer Data, State Legislation

After the Washington Privacy Act (“WPA”) failed to pass in 2019, state legislators promised to renew their efforts in the 2020 legislative session. Lawmakers kept this promise last month, introducing three bills targeted at an array of consumer privacy issues. The first bill, SB 6281, or the Washington Privacy Act, introduced in the Senate on … Continue Reading

Federal Court Invalidates 2013 HIPAA Omnibus Rule Regulations and HHS Guidance on Fees for Copies of Medical Records

By Sara Goldstein, Aleksandra Vold and BakerHostetler on January 31, 2020 Posted in HHS, HIPAA/HITECH

In what is being seen as a strong rebuke to years of regulatory overreach, the United States District Court for the District of Columbia entered an order on January 23, 2020 that invalidates provisions of the 2013 Omnibus Rule to the Health Insurance Portability and Accountability Act (“HIPAA”) and 2016 guidance issued by United States … Continue Reading

Departments of Education and HHS Release Joint Guidance on the Relationship Between FERPA and HIPAA

By Benjamin Wells and BakerHostetler on January 31, 2020 Posted in HIPAA/HITECH

At the end of 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and U.S. Department of Education Student Privacy Policy Office (ED) issued an update to their joint guidance on the relationship between the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability … Continue Reading

Hoping for a New Year’s Resolution: Clarity on the Sale of Personal Information of California Minors

By Carolina Alonso, Alan L. Friel and BakerHostetler on January 9, 2020 Posted in Children’s Privacy

Those who keep an eye on privacy laws may be familiar with how monumental the Children’s Online Privacy Protection Act (COPPA) was when it first became effective in 1998. COPPA requires online services that directly target children under the age of 13, or reasonably know that children visit the online service, to obtain verifiable parental … Continue Reading

Children’s Privacy Law Updates: Tricks or Treats?

By Carolina Alonso and BakerHostetler on October 31, 2019 Posted in CCPA, Children’s Privacy

It’s finally here! Halloween, the day every kid dreams of for months. It’s a scary time in the world of children’s privacy law – what with the California Consumer Privacy Act (CCPA) lurking around the corner and the specter of FTC enforcement still lingering in the air. But this year, you’ve planned. You know exactly … Continue Reading

Less Than a Month to Go Until Nevada Privacy Law Effective Date

By Alan L. Friel and BakerHostetler on September 12, 2019 Posted in Consumer Data

As discussed in our previous blog post on the topic, Nevada’s amendments to its privacy law are set to go into effect Oct. 1, 2019. Less comprehensive in scope than the much-heralded CCPA, the Nevada privacy law amendment has received significantly less attention than its California counterpart. Even so, the new Nevada privacy law presents … Continue Reading

FTC Announces Enforcement Action, Warning Letters for Companies Falsely Claiming Privacy Shield Participation

By Laura E. Jehl and BakerHostetler on June 21, 2019 Posted in EU-U.S. Privacy Shield Framework

The Federal Trade Commission (FTC) recently announced a compliance sweep of companies claiming to be in compliance with the U.S.-EU Privacy Shield and U.S.-Swiss Privacy Shield Frameworks. The U.S.-EU Privacy Shield and the U.S.-Swiss Privacy Shield programs enable companies to self-certify that they have adopted a number of data protection practices to bring their businesses … Continue Reading

Nevada Adds “Do Not Sell” Requirement to Privacy Law

By Alan L. Friel and BakerHostetler on June 5, 2019 Posted in CCPA, Consumer Data, GDPR

Last week, Nevada Governor Steve Sisolak signed new privacy legislation into law in Nevada. Senate Bill 220 (SB-220) updates Nevada Revised State 603A to provide consumers a new right to opt out of the sale of their data. Effective Oct. 1, 2019, the new law will come into effect prior to the more comprehensive California … Continue Reading

Washington Privacy Act Dies in the House While California Continues to Consider Refinements to the CCPA

By Niloufar Massachi and BakerHostetler on May 6, 2019 Posted in CCPA, Consumer Data

After passing the Senate nearly unanimously, the Washington Privacy Act (SB 5376) has stalled in the House of Representatives. The bill failed to achieve passage out of committee by the April 17 deadline for consideration of bills originating in the opposite house, and was returned to the Senate on April 28. As a result, SB … Continue Reading

Deeper Dive: The Scourge of O365 Incidents

By David Kitchen, M. Scott Koller and BakerHostetler on April 11, 2019 Posted in Cybersecurity, Data Security Incident Response

A Growing Menace 2018 saw a continuation of companies moving toward cloud-based email systems. Phishing incidents targeting those systems followed suit. Fully one-third of incidents addressed by our incident response team in 2018 involved unauthorized access to an online email account. Phishing attacks continued to dominate the types of cyberattacks organizations experienced in 2018, owed, … Continue Reading

FTC Launches a New Task Force Dedicated to Monitoring the Tech Industry for Anti-Competitive Practices

By Janine Anthony Bowen and BakerHostetler on March 13, 2019 Posted in Advertising, Marketing

The Federal Trade Commission announced the creation of a new task force that is dedicated to monitoring competition in the U.S. technology industry. This Technology Task Force will coordinate and consult with 17 staff attorneys throughout the FTC who have experience in complex product and service markets, including the markets for online advertising, social networking, … Continue Reading