Tag:Privacy & Security
Digital Footprints in the Post-Roe Era
On June 24, the Supreme Court officially overturned Roe v. Wade. In doing so, it declared that there was no longer a constitutional right to abortion, allowing state police power to determine its legality. Immediately after this decision, trigger laws went into effect across a quarter of the states, making abortions illegal. Post Dobbs, information collected on personal devices, especially through period-tracking and telemedicine apps, is at risk of being exposed and utilized as criminal evidence.
Imperative Progress in Your Data Privacy and Protection
Amanda Scott Associate Editor Loyola University Chicago School of Law, JD 2024 In June 2022, a draft of a bipartisan bicameral bill known as the American Data Privacy and Protection Act was introduced. This bill was proposed as a replacement to current laws to further protect and strengthen federal data privacy and protection regulations. This …
Read more
Tick Tock for TikTok as Kids Addiction to App Grows
In June of this year, a new California bill, which allows social media companies to be sued by state government attorneys for having features that contribute to the addiction of children to their apps, cleared the state Senate. The bill was originally brought to California’s state assembly as one that would permit parents to sue social media giants for up to $25,000 per violation but was later amended after lobbying from business and tech-industry groups. The worry that social media is able to exploit children through ads, notifications, and other features in the design that are promoting addiction has amplified since the premiere of 2020 documentary, “The Social Dilemma.” Since then, the warning that regulation was looming has quickly turned into actual movement towards regulating the actions of social media companies. The bill has since failed, a disappointing end to an initiative that could have made a real change towards keeping social media giants in check.
Meta Sued for Unlawful Collection of Patient Data
A recent class action lawsuit alleges Meta (the parent company of Facebook) used an illegal tracking tool to retrieve patient information from over 664 hospitals for marketing purposes. Meta and a handful of US-based hospitals have violated privacy laws such as HIPAA that control the means and methods for lawfully handling covered medical information. John Doe filed the case on June 17, 2022, in the U.S. District Court for the Northern District of California, seeking class action certification for a jury trial to recover compensatory damages and attorney’s fees.
Patient Privacy in the Post Roe Era
On June 24, 2022, the Supreme Court finally handed down its long-awaited opinion in Dobbs v. Jackson Women’s Health Organization. In this decision, the Court set aside nearly 50 years of precedent and unequivocally overruled Roe v. Wade, declaring that there is no Constitutional right to abortion. This decision will unsurprisingly change laws and significantly impact millions of people across the country. Although pro-choice activists have been bracing for this outcome and mobilizing to maintain access to abortions, they have to contend with a consideration that did not exist to the same magnitude the last time that abortion was illegal in the US: anti-abortion laws’ impact on data privacy.
PATCHing Health Technologies: Medical Device Security is the Target in Congress’ Aim
Conversations about the privacy and security of health information systems and patient data are ongoing, and frequently front-page news. But what about healthcare’s “internet of things”? More specifically, the web of wearable or implantable medical devices, and the applications that go along with them, which collect and transmit health information? The Food and Drug Administration (FDA) is charged with approving medical devices for patient use in a clinical setting, such as pacemakers. These devices require FDA approval and cannot be altered after receiving that approval. Additionally, an upgrade to an approved device could result in the need for an entirely new FDA approval, making device’s security essentially obsolete soon after its deployment. The inability to upgrade device security poses a unique cybersecurity risk. And this risk is one that Congress seems poised to take on.
Biden Administration Works with the EU to Develop New Data-Sharing Agreement
After the EU invalidated the previous data transfer agreement between the EU and the US in July of 2020, many big tech companies have been left unsure how to keep business flowing from Europe without the ability to store data within the US. To the relief of these companies, the Biden Administration has reached a preliminary agreement for a new deal with the EU. Coined the Trans-Atlantic Data Privacy Framework, this new agreement works to address concerns raised by the EU.
Critical Infrastructure and Cybersecurity Legislation: America’s Cybersecurity Problem
Long gone are the days when cybersecurity concerns existed solely in the domain of technology teams. Various organizations, from schools to government entities (at every level), to private companies alike have fallen prey to cyberattacks. May 2021’s Colonial Pipeline attack caused chaos and a temporary gas frenzy that brought awareness of the vulnerabilities of the technology we rely on to even the least technically minded American. Cybersecurity, and more specifically, the security of critical infrastructure immediately became an issue that the U.S. Government is taking very seriously.
The First Cyber War: The Threat of Russian Cyberattacks has Thrust Cybersecurity Compliance into the Spotlight
The impact of Russia’s unprovoked attack on Ukraine on February 24, 2022 has not only caused a horrific human rights crisis but has also had a dramatic effect on how the world conducts business, felt well beyond the borders of Russia and Ukraine. Warnings of an imminent Russian cyberattack on critical United States infrastructure has small and large businesses alike brushing up their cybersecurity policies to ensure they are compliant with current best practices in the likely event of a Russian cyberattack and impending federal legislation.
Senate Brings Bipartisan Attempt to Update Health Privacy Regulations
On February 9, a group of senators led by Tammy Baldwin of Wisconsin and Bill Cassidy of Louisiana introduced a new bill, the Health Data Use and Privacy Commission Act (the “Act”), in attempt to revitalize current legislation regarding the protection and use of health data. The bill also has the support of a number of representatives from within the healthcare industry, including Epic, IBM, and Teladoc Health, as well as a number of professional associations like the American College of Cardiology, the Association for Behavioral Health and Wellness, and the Association of Clinical Research Organizations.