Archives: Data Privacy

Subscribe to Data Privacy RSS Feed

An Introduction to Washington’s My Health My Data Act

Photo of Andreas KaltsounisPhoto of BakerHostetlerBy Andreas Kaltsounis and BakerHostetler on Posted in Data Privacy, Healthcare
On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law. The MHMD Act is the result of Washington state’s multi-year effort to pass comprehensive privacy legislation fueled by new fears about access to reproductive health care … Continue Reading

Washington State’s New Shield Law, Part of Washington’s ‘Choice-Defending Agenda,’ Modifies Obligations Related to Other States’ Criminal and Civil Process

Photo of Andreas KaltsounisBy Andreas Kaltsounis on Posted in Data Privacy, Healthcare
Entities that receive criminal process (such as subpoenas or search warrants) in Washington state should review Washington’s new Shield Law, which the legislature just passed as part of its post-Dobbs “choice-defending agenda.” The law allows those in Washington who receive out-of-state legal process to ignore the process in certain circumstances. Providers of “electronic communication services” … Continue Reading

Illinois Supreme Court: Sections 15(b) and 15(d) BIPA Claims Accrue with Each Scan or Transmission

Photo of Joel GriswoldPhoto of Bonnie Keane DelGobboPhoto of Amy L. LenzBy Joel Griswold, Bonnie Keane DelGobbo and Amy L. Lenz on Posted in Data Privacy
Today the Illinois Supreme Court issued a decision in Cothron v. White Castle System, Inc. 2023 IL 128004, in which the court held that the statute of limitations accrues with each scan or transmission of biometric identifiers or biometric information for claims arising under Sections 15(b) and 15(d) of the Illinois Biometric Information Privacy Act, … Continue Reading

White House Releases First-Ever Comprehensive Framework for Responsible Development of Digital Assets

Photo of Jeewon SerratoPhoto of Jamie KimBy Jeewon Serrato and Jamie Kim on Posted in Cybersecurity, Data Privacy
On Sept. 16, 2022, the White House released a comprehensive framework for responsible digital asset development and, in particular, cryptocurrency. Agencies across the federal government have been working for the past six months to develop frameworks and policy recommendations to advance the six key priorities identified in President Biden’s March 9 executive order on Ensuring … Continue Reading

Modeling the Privacy Catwalk: Practical Steps Forward

Photo of Carolina AlonsoPhoto of Nikki EdmundsBy Carolina Alonso and Nikki Edmunds on Posted in Data Privacy
What’s Trending? (Privacy a la Mode) Notable fashion brands have been engaging in a “trial period” of new technologies as privacy laws and privacy enforcement are trending – for example, exploring integrating branding into digital assets in video games, virtual reality (VR) and augmented reality (AR) technology, metaverses, and non-fungible tokens (NFTs). Fashion naturally pushes … Continue Reading

Office for Civil Rights Provides Guidance: HIPAA Privacy Rule on Disclosures of Information Relating to Reproductive Healthcare

Photo of Aleksandra VoldBy Aleksandra Vold on Posted in Data Privacy, Healthcare, HIPAA/HITECH
On June 29, in response to the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization, the U.S. Department of Health & Human Services Office for Civil Rights (HHS OCR) issued guidance on when entities covered by the Health Insurance Portability and Accountability Act (HIPAA) are permitted to share protected health information (PHI) … Continue Reading

Dobbs Triggers Significant Healthcare and Privacy Law Concerns and Confusion

Photo of Aleksandra VoldPhoto of Amy FoutsBy Aleksandra Vold and Amy Fouts on Posted in Data Privacy, Healthcare, HIPAA/HITECH
To help guide entities through the significant confusion and changes that will be evolving for the next several years, BakerHostetler has assembled the Dobbs Decision Task Force (DDTF), led by attorneys in five major areas (healthcare/health tech, privacy, labor and employment, employee benefits, and white collar). Like many others, healthcare entities are facing immediate uncertainty … Continue Reading

A Digital Advertising Primer on Preparing for the Post-Cookie World: Part Two

Photo of Gerald J. FergusonPhoto of Fernando A. Bohorquez, Jr.Photo of Yadilsa DiazBy Gerald J. Ferguson, Fernando A. Bohorquez, Jr. and Yadilsa Diaz on Posted in Cookies, Data Privacy, GDPR, Privacy
Part I: What Are Third-Party Cookies and Why they are Important — PART II — Privacy Laws And Third-Party Cookies Welcome to our second installment in our eight-part series preparing you for the post-cookie world. In our first post, we provided a deep dive into cookies for a baseline understanding of the technology and why … Continue Reading

US Facial Recognition Firm Ordered to Stop Processing UK and Australian Data and Pay Fine Over Privacy Law Violations

Photo of Jeewon SerratoPhoto of BakerHostetlerBy Jeewon Serrato and BakerHostetler on Posted in AI, Biometrics, Data Privacy, GDPR, Privacy, Privacy Litigation
ICO and OAIC Find ‘Serious Breaches’ of Privacy Law On Nov. 29, 2021, the U.K. Information Commissioner’s Office (ICO) announced a provisional intent to fine Clearview AI over £17 million, alleging several privacy violations related to the company’s use of “scraped” data and biometrics of individuals. More significantly, the provisional order would require the company … Continue Reading

A Digital Advertising Primer on Preparing for the Post-Cookie World: Part One

Photo of Gerald J. FergusonPhoto of Fernando A. Bohorquez, Jr.Photo of Yadilsa DiazBy Gerald J. Ferguson, Fernando A. Bohorquez, Jr. and Yadilsa Diaz on Posted in Data Privacy, Emerging Technology
Editor’s Note: This blog post was originally published in September 2021, courtesy of the Association of National Advertisers. It is repurposed with permission. — PART I — Overview of the Five-Part Series In a time of constant change in digital advertising, there is one consistent question that persists in advertisers’ minds: What do we do after third-party … Continue Reading

Is China’s Personal Information Protection Law Contributing to the Global Supply Chain Snafu?

Photo of Daniel PepperBy Daniel Pepper on Posted in Data Privacy
Less than a month after China’s Personal Information Protection Law (PIPL) took effect, ships in Chinese waters began disappearing from industry tracking systems. While the PIPL governs the collection and cross-border transfer of personal information, which is broadly defined as information related to an identified or identifiable natural person that is recorded electronically or by … Continue Reading

California Privacy Protection Agency Board Chair Discusses CPRA Rulemaking Process and Agency Authority

Photo of Justin T. YedorPhoto of Jeewon SerratoBy Justin T. Yedor and Jeewon Serrato on Posted in CCPA, Consumer Data, CPRA, Data Privacy, Data Protection, Uncategorized
Justin T. Yedor and Jeewon Serrato On October 5, 2021, Jennifer Urban, who serves as Chair of the Board the California Privacy Protection Agency (the CPPA) spoke with members of the California Lawyer’s Association about the Board’s work to get the new Agency off the ground, the challenges it faces in doing so and the … Continue Reading

Effective Oct. 1, 2021: Connecticut Expands Data Breach Notification Statute

Photo of Benjamin WangerPhoto of Elana WeinblattBy Benjamin Wanger and Elana Weinblatt on Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, Data Privacy, HIPAA/HITECH
On June 16, 2021, the Connecticut General Assembly adopted an expanded version of Connecticut’s data breach notification statute (2021 CT H.B. 5310 (NS)). Through this expansion, Connecticut’s data breach notification statute will be updated, effective Oct. 1, 2021, to (1) broaden the definition of “personal information,” (2) shorten the amount of time within which businesses … Continue Reading
LexBlog