As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It looks like substantial changes are in store for covered entities and business associates alike, including healthcare providers
2024 Wrap-Up of the Workplace Privacy, Data Management & Security Report
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024.
Expanding State Privacy Laws
This year saw a further expansion of state comprehensive consumer data privacy laws. These legislative measures aim to enhance the
Privacy Blizzard Expected in January as Five State Laws Take Effect
Around the country, the weather is turning wintery, but in the privacy arena, there will be a blizzard as five state comprehensive privacy laws become effective.
Here is an overview of businesses needing to prepare.
1. Delaware Personal Data Privacy Act (DPDPA)
The DPDPA takes effect on January 1, 2025. It applies to entities doing
Florida Healthcare Provider Faces $1.19M HIPAA Penalty Following Independent Contractor Breach
A healthcare provider delivering pain management services in Florida and other states faces a $1.19 million civil monetary penalty from the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR). The OCR investigation stems from a data breach, but not the type of breach we are used to seeing in
Tips for Vacation Rental, Property Mgmt. Businesses Facing Vendor Cybersecurity Risk
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks. Perhaps the most significant reason these risks remain: third-party service providers or vendors.
For most businesses, particularly small to medium-sized businesses, service providers
Litigation Under Wiretap Law and What Website Owners Need to Know
Massachusetts’ highest court recently issued an opinion that delves into the complex intersection of privacy law and modern technology. The case centers around whether the collection and transmission of users’ web browsing activities to third parties without their consent constitutes a violation of the Massachusetts Wiretap Act.
However, the claim is not unique to Massachusetts.
California Privacy Protection Agency Advances Rulemaking on AI and Cybersecurity Audits
- Automated Decision-Making
Automated Decision Making Changes Coming to California’s FEHA Regulations
The California Civil Rights Council published its most recent version proposed revisions to Fair Employment and Housing Act (FEHA) regulations that include automated decision-making and extended the comment period to 30 days. You can read more about the proposed revisions here from Jackson Lewis Attorneys Sayaka Karitani and Robert Yang.
California Passes Legislation Protecting Performers’ Digital Rights
Governor Newsom recently signed two significant bills focused on protecting digital likeness rights: Assembly Bill (AB)1836 and Assembly Bill (AB) 2602. These legislative measures aim to address the complex issues surrounding the commercial use of an individual’s digital rights and establish guidelines for responsible AI use in the digital age.
California AB 1836 addresses
California Seeks to Have Consistent Definition of Artificial Intelligence
Artificial Intelligence (AI) has created numerous opportunities for growth and economic development throughout California. However, the unregulated use of AI can lead to a Pandora’s Box of undesirable consequences. A regulatory framework that leads to inconsistent results likely will lead to other problems. Acknowledging this, the most recent California legislature included a bevy of bills