Health information is sensitive.
Sharing it with third parties for advertising is more sensitive.
Doing it behind a log-in where there is no expectation of such tracking?
You’re a covered entity and didn’t have a Business Associate Agreement (BAA) in place?
A new class action lawsuit claims that…Continue Reading A Class Action Lawsuit Claims a Health System Uses Meta Pixel on Its Website. What You Need to Know.
The Commerce and Energy Committee has voted to send the American Data Privacy and Protection…Continue Reading The American Data Privacy and Protection Act Is Now on the House Floor. How Has It Changed?
Congresswoman Anna Eshoo (D-CA) voted against American Data Privacy and Protection Act (ADPPA), citing preemption…Continue Reading Congresswoman Says No to ADPPA, Citing Preemption of California Law, Reproductive Health Loophole
The proposed American Data Privacy and Protection Act is getting a facelift.
Here are some…Continue Reading The Commerce and Energy Committee’s ADPPA Amendment is Out.
During a recent webinar hosted by The Chicago Bar Association, some other panelists and I made some predictions about the future of data privacy.
What is on the horizon?
The …Continue Reading What Does the Future of Data Privacy Hold? Some Predictions.
California Attorney General Rob Bonta has issued statement about protecting health data in mobile apps in view of the upcoming SCOTUS decision in Dobbs. In the process, he also signaled…Continue Reading Keep Your Health Data Secure. And Your App-Hosted Health Data Securer.
The old saying went that “if you don’t want it on the front page of the newspaper, don’t put it in an email.” Well, if you don’t want to produce…Continue Reading If You Don’t Want It Released to an Employee, Don’t Put It in Your Employee Files
Let’s say you are an EU company. You engage a processor. Data is processed in the EU. There is no transfer.
But in the processor-sub-processor data processing agreement, the data…Continue Reading Where Is a Transfer? Datatilsynet Says Almost Everywhere!
Datatilsynet Norway has issued a helpful guide on the data protection aspects of employee monitoring, which are helpful for GDPR, but also for California employers with CPRA bringing employee rights…Continue Reading What Employers Need to Know About Monitoring Employee E-Mail
What can we learn about disclosures and how to draft privacy notices from the Sweden IMY decision? And why is it important for both GDPR companies and CPRA, CDPA, CPA…Continue Reading Clear & Concise and Everything Nice: What the IMY Decision Means for Your Privacy Notice
Here are five things you should know about Google Analytics, transfers and Schrems II.
1. Down to Middle Earth We Go
Brush up on your J.R.R. Tolkien because Datatilsynet in…
The United Kingdom’s Information Commissioner’s Office has issued draft guidance regarding governance and anonymization.
What does it mean for GDPR and for the host of new US Privacy laws, including…Continue Reading Anonymization Governance: Why It’s Important for GDPR and for CPRA
Many EU companies have their own ideas on what US Privacy laws mean for the, Here are three of the more common myths out there, busted.
I don’t…Continue Reading Busted: Three Myths EU Companies Have About US Privacy laws