A recent enforcement action by the Federal Trade Commission (“FTC”) against 1Health.io—which sells “DNA Health Test Kits” to consumers for health and ancestry insights—serves as a reminder that the FTC is increasingly exercising its consumer protection authority in the context of privacy and data protection. This is especially true where the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) does not reach. The FTC’s settlement with 1Health.io highlights a wide-range of privacy and security issues companies should consider relating to best practices for updating privacy policies, data retention policies, configuration of cloud storage and vendor management, especially when handling sensitive genetic data.
On October 12, 2020, the California Attorney General issued its notice and third set of proposed modifications to the regulations implementing the California Consumer Protection Act (“CCPA”). These proposed modifications would change the regulations that were approved by the California Office of Administrative Law on August 14, 2020. The California Department of Justice is accepting written comments from the public on these proposed revisions to the regulations until October 28, 2020 at 5:00 p.m. PST.
Notable changes in these regulations include:
- A requirement for ...
By Brandon Ge and Alaap Shah
The Department of Health and Human Services (“HHS”) is taking laudable steps to improve notices of privacy practices (“NPPs”) and make them more clear, understandable, and user-friendly. Under the HIPAA Privacy Rule, individuals are entitled to a receive an NPP informing them of how their health information may be used and shared, as well as how to exercise their health privacy rights. Health plans and health care providers must develop and distribute NPPs that clearly explain these rights and practices. Unfortunately, to date NPPs have been ...
Blog Editors
Recent Updates
- Importance of Negotiating Maintenance, Repair and Replacement Obligations in Health Care Leases
- Unpacking Averages: Assessing the Products Included in FDA's Voluntary Malfunction Summary Reporting Program
- Federal Update on Cannabis Scheduling: Are State Legalized Cannabis Dispensaries to Become Pharmacies?
- HHS Extends the Antidiscrimination Provisions of the Affordable Care Act to Patient Care Decision Support Tools, Including Algorithms
- It’s Been a Long Time Coming – FDA’s Final Rule on Regulation of Laboratory Developed Tests (LDTs) as Medical Devices Has Arrived