On May 11, 2023, Tennessee’s Governor signed Senate Bill 0073, the Tennessee Information Protection Act, making the state the eighth state to pass consumer privacy legislation. Tennessee joins California, Colorado, Connecticut, Indiana, Iowa, Utah, and Virginia which have previously passed consumer privacy statutes.
Tennessee’s law will take
We have written several times about U.S. Department of Health and Human Services Office for Civil Rights’ “HIPAA Right of Access Initiative.” In its most recent enforcement action under the Initiative, the 44th such enforcement action, the OCR investigated a complaint made against a psychotherapist concerning the alleged refusal to provide medical records. Ultimately, and
Ransomware is a scary term for many business leaders and CISOs who dread being hit with a malware attack that locks up their data and could shut down operations. They expect to find that oddly-worded ransom note advising how they could recover access to their data, for a sizable fee of course. For a variety
The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some entities still may be wondering – “Do these regulations apply to my business?” and “What do I have to do?”
Back in 2021, we provided a high-level summary of the Safeguards Rule
On May 1, 2023, Governor Holcomb signed Senate Bill 5, Indiana’s comprehensive privacy statute (The Act). the Act will become operative on January 1, 2026, and make Indiana the seventh state, after California, Colorado, Connecticut, Iowa, Utah, and Virginia to enact a comprehensive consumer privacy statute.
Indiana beat Montana
Health data privacy, including in the context of reproductive health, was strengthened last week when Washington Governor Jay Inslee signed the “My Health, My Data Act” on April 27, 2023. See our summary of the law here.
Set to take effect on March 31, 2024, the new law aims to address health data collected
Since the privacy and security regulations were issued under the federal Health Insurance Portability and Accountability Act (HIPAA), critics pointed to the limitations on the reach of those rules. A critical limitation advanced by privacy advocates is that the popular health data privacy rule extends only to certain covered entities and their business associates, not
On March 21, 2023, Virginia’s governor approved Senate Bill 1040, which prohibits an employer from using an employee’s social security number or any derivative as an employee’s identification number. The bill also prohibits including an employee’s social security number or any number derived from the social security number on any identification card or badge.
The Indiana Legislature is poised to pass Senate Bill 5, a comprehensive privacy statute (the “Act”), and send it on to the Governor. Once signed, the Act will become operative on January 1, 2026, and make Indiana the seventh state, after California, Colorado, Connecticut, Iowa, Utah, and Virginia to
Websites play a vital role for organizations. They facilitate communication with consumers, constituents, patients, employees, donors, and the general public. They project an organization’s image and promote goodwill, provide information about products and services and allow for their purchase. Websites also inform investors about performance, enable job seekers to view and apply for open positions,