On July 18, 2023, Oregon’s Governor signed Senate Bill 619 which enacts Oregon’s comprehensive consumer data privacy statute. Oregon joins California, Colorado, Connecticut, Indiana, Iowa, Montana, Tennessee, Texas, Utah, and Virginia in enacting a comprehensive consumer privacy law. Most of the sections of the law are
Connecticut Passes Law Regarding State Use of AI and Amendments to Data Privacy Law
On June 7, 2023, Connecticut’s Governor signed Senate Bill (SB) 1103, which enacted regulations regarding artificial intelligence, automated decision-making, and personal data privacy. The law sets several requirements for state agencies’ development and use of automated systems for critical decisions, including the designation of an artificial intelligence officer under the Office of Policy and
Connecticut Adds Protections for Health Data and Minors to Privacy Law
On June 26, 2023, the Governor of Connecticut signed Senate Bill (SB) 3 which set forth new requirements related to consumer health data and protections for minors online.
As Connecticut’s comprehensive consumer privacy law took effect on July 1, 2023, the state has expanded privacy requirements under SB 3. Similar to Washington and Nevada
Montana Enacts Genetic Information Privacy Law
- Offers consumer genetic testing products or services
CCPA-Covered Businesses Be On the Look Out for a Letter from the California Attorney General
Though enforcement of the California Privacy Rights Act (CPRA) which amended the California Consumer Privacy Act (CCPA) has been paused for now, the State of California is not resting when it comes to compliance with the CCPA.
On July 14, 2023, California’s Attorney General announced an “investigative sweep” regarding compliance with the CCPA.
Lone Star State Enacts Consumer Privacy Law
On June 18, 2023, Texas’ Governor signed House Bill (HB) 4 which enacts the Texas Data Privacy and Security Act. Texas joins California, Colorado, Connecticut, Indiana, Iowa, Montana, Tennessee, Utah, and Virginia in enacting a comprehensive consumer privacy law. Most of the sections of the law are
Nevada’s Governor Signs Health Data Privacy Act
On June 16, 2023, Nevada’s Governor signed Senate Bill (SB) 370, which enacts certain protections for consumer health data.
The law is similar to Washington’s My Health, My Data Act, which was passed in April. The Future of Privacy Forum prepared a useful chart comparing the Washington and Nevada laws.
Nevada’s law
Increase in In-House Oversight of Privacy
The Association of Corporate Counsel and Major, Lindsey & Africa recently released their 2023 Law Department Management Benchmarking Report (Report) which tracks key trends in law department financial and operational data.
Unsurprising, as there has been an increase in privacy regulation across the country with several states passing comprehensive privacy legislation in 2023, privacy compliance
$240,000 HIPAA Settlement With OCR Due to Snooping Security Guards
It is not the first time we have written about complaints, OCR settlements, and even jail time following snooping by hospital employees into patient records. For example, as COVID raged, an investigation showed that for approximately 10 months ending in February, 2021, an employee at a California state hospital improperly accessed approximately 2,000 individuals’ COVID-19
Texas Tightens State’s Data Breach Notification Law
On May 27, 2023, Texas’ Governor signed Senate Bill 768 amending Texas’ data breach notification law. The law in question, Section 521.053 of the Texas Business and Commerce Code, sets out the specific requirements any person conducting business in the state who owns or licenses sensitive personal information in a computerized format must follow in