Data Privacy Posts

The California Consumer Privacy Act of 2018

In the period of just a week, California passed a bold new privacy law — the California Consumer Privacy Act of 2018. This law was hurried through the legislative process to avoid a proposed ballot initiative with the same name. The ballot initiative was the creation of Alastair Mactaggart, a real estate developer who spent millions to bring the initiative to the ballot. Mactaggart indicated that he would withdraw the initiative if the legislature were to pass a similar law, and this is what prompted the rush to pass the new Act, as the deadline to withdraw the initiative was looming.

South Dakota Beats Alabama in Passage of Data Breach Notification Law

South Dakota passed the finish line right before Alabama, but both states have now joined the rest of the nation in enacting data breach notification laws for their citizens. Last month, South Dakota Governor Dennis Daugaard signed South Dakota § 22-40-19 et. seq., the South Dakota Data Breach Notification Law, into effect. Alabama Governor Kay Ivey’s signature on April 3, 2018, inked the final state data breach law into effect.

Pushback Against the CLOUD Act

USA Today addresses the privacy concerns raised after Congress passed the CLOUD Act, a bill that would allow police in other countries to have access to emails and other electronic communications more easily from their own citizens as well as Americans.

Attorney General Becerra Announces $2 Million Settlement Involving Santa Barbara-based Cottage Health System Over Failure to Protect Patient Medical Records

California Attorney General Xavier Becerra today announced a $2 million settlement with Cottage Health System and its affiliated hospitals in California resolving allegations that they failed to implement basic, reasonable safeguards to protect patient medical information in violation of state and federal privacy laws.

Internet of Medical Things Resilience Partnership Act of 2017

A new bill called the “Internet of Medical Things Resilience Partnership Act of 2017,” H.R. 3985, was recently introduced in the House of Representatives. If passed as drafted, the bill will establish a working group of public and private entities led by the Food and Drug Administration (FDA) and National Institute of Standards and Technology (NIST) to recommend voluntary frameworks and guidelines to increase the security and resilience of Internet of Medical Things devices.