New York’s Attorney General Eric T. Schneiderman announced on January 15 that he would propose legislation to New York State lawmakers to revise New York’s data security laws and to require new safeguards for personal data of New Yorkers. The legislation to be introduced by Mr. Schneiderman will broaden the scope of information that would require […]
Regulation
New Jersey Enacts Health Information Encryption Requirement
New Jersey Governor Chris Christie has signed a new law requiring health insurance companies to protect client health information by encrypting the data. The law applies to any insurance company, health service corporation, hospital service corporation, medical service corporation, or health maintenance organization authorized to issue health benefits plans in New Jersey. These entities must take […]
CFPB’s Final Rule Allows Online Privacy Notice Posting In Certain Circumstances
The Consumer Financial Protection Bureau (CFPB) recently published a final rule regarding annual privacy notices from financial institutions to their customers. The rule allows financial institutions that limit their consumer data-sharing and meet other requirements to post their annual privacy notices online rather than delivering them individually. Under the Gramm-Leach-Bliley Act (GLBA), financial institutions generally […]
Laboratories Must Comply with New HIPAA Patient Access Rules by October 6, 2014
HIPAA covered laboratories and hospitals with laboratories subject to the Clinical Laboratory Improvement Amendments of 1988 (“CLIA”) must comply with changes to the HIPAA Privacy Rule that provide patients with direct access to laboratory test results by October 6, 2014. Earlier this year, the Centers for Medicare & Medicaid Services, the HHS Office for Civil […]
FTC seeks public comment on AgeCheq Inc.’s application for approval of proposed verifiable parental consent method
On August 25, 2014, the Federal Trade Commission (“FTC”) issued a Federal Register notice to be published, announcing the FTC’s request for public comment on a proposed verifiable parental consent method. The method has been submitted for approval by AgeCheq, Inc. under the Children’s Online Privacy Protection Act and the rules promulgated thereunder (the “Rule”). The Rule requires […]