Health Privacy

California Mandates COVID Exposure and Outbreak Reporting to Employees, Government Agencies

September 23, 2020 By Aaron Wasser and Daniel Felz

On Thursday, September 17, 2020, California Governor Gavin Newsom signed Assembly Bill 685 (“AB685”) into law. AB685 amends a number of portions of California’s Labor Code to address the COVID-19 pandemic. In addition to provisions that regulate reopening activities at California worksites, AB685 introduces two new COVID-related notification obligations for California employers: (1) a requirement […]

Proposed Federal Privacy Legislation Tackles COVID-19 Data

May 21, 2020 By Jon Knight and Nameir Abbas

Data collection and analysis is becoming a key weapon in the fight against COVID-19 both here in the United States and around the globe. But as governments and tech companies roll out a variety of applications and contact tracing tools, legislators from both sides of the political aisle are questioning how to handle the data […]

FTC Cautions Against Biased Outcomes in Use of AI and Algorithms

April 14, 2020 By Kate Hanniford

As the healthcare and financial impacts of COVID-19 continue to evolve with the global pandemic, the use of AI technology and associated risks have received greater attention. On April 8, 2020, the FTC posted an extensive summary of its recent enforcement actions, studies, and guidance regarding the use of AI tools and algorithms. The summary […]

White Paper on Privacy Issues in Proposed New National Medical Claims Database

September 30, 2019 By Peter Swire

Prof. Peter Swire, Elizabeth and Thomas Holder Chair at the Georgia Tech Scheller College of Business and Senior Counsel at Alston & Bird, has published a new white paper on “Possible Privacy, Cybersecurity, and Data Breach issues in the Proposed National Medical Claims Database Under Section 303 of S. 1895.” Senators Lamar Alexander (R-TN) and Patty Murray […]

HHS Releases New “Health Industry Cybersecurity Practices”

January 8, 2019 By Kate Hanniford

On December 28, 2018, the Department of Health and Human Services (HHS) issued new voluntary cybersecurity guidance for the health care industry titled, “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients.” This four-volume set of consensus-based principles and practices (the “HICP”) reflects the recommendations of the 405(d) Task Group, a HHS and industry-led collaborative […]