Meet John Doe: Court Allows Meta Pixel Privacy Lawsuit to Proceed

A class action lawsuit against Meta Pixel, John Doe v. Meta Platforms Inc., was filed in the U.S. District Court, Northern District of California, in June of 2022. In the lawsuit, Plaintiffs allege that Meta knew, or should have known, that its Pixel tracking tool was being improperly used on the websites of at least 600 hospital systems. Meta Pixel Privacy Lawsuit: [...]

2023-09-01T12:49:17-04:00August 30th, 2023|

Indiana Privacy Laws: The Indiana Consumer Data Protection Act

On May 2, 2023, Indiana became the seventh state in the US to have a complete state privacy law when Governor Eric Holcomb signed Senate Bill 5, or the Indiana Consumer Data Protection Act (ICDPA), into law. Several recent state legislation, including those in Virginia, Utah, and Iowa, are quite similar to the bill. This move was long overdue, as privacy concerns [...]

2023-07-24T15:00:48-04:00May 30th, 2023|

Washington State Privacy Law: My Health, My Data Act

In a groundbreaking move, Washington State has introduced comprehensive privacy laws to protect its residents' health data. The My Health My Data Act (MHMDA) was enacted on April 27, 2023, in response to the Supreme Court's Dobbs decision, which overturned Roe v. Wade.  This pioneering legislation aims to safeguard personal information related to consumer health data and attempts to obtain healthcare services [...]

2023-07-24T15:11:48-04:00May 22nd, 2023|

EyeMed Vision Care Reaches Attorney General Settlement, Again

Hold onto your glasses because EyeMed Vision Care has just reached its third settlement over a 2020 data breach that impacted 2.1 million individuals! The vision insurer has agreed to pay a whopping $2.5 million settlement with the states of New Jersey, Oregon, and Florida following an investigation into EyeMed's data security program, which was found to be lacking and contributed to the breach. Yikes! [...]

2023-07-24T15:14:30-04:00May 19th, 2023|

Iowa Sixth State to Enact Data Privacy Law

The Iowa Data Privacy Law is an important legislation that ensures the protection of individual privacy rights in the state. It regulates how organizations collect, store, and use personal information to Iowa residents, to prevent unauthorized access, disclosure or misuse of such data. The law applies to both private and public entities operating within Iowa’s borders. On March 29, 2023, Governor Kim [...]

2023-07-24T15:40:30-04:00May 11th, 2023|

Action Taken Against CHS: Multistate HIPAA Settlement Following C10P Ransomware Attack

Being in the healthcare industry, it is obvious that patient data security is extremely important. Unfortunately, not all healthcare providers take data security seriously, which can lead to devastating consequences. One such case is the Community Health Systems (CHS) C10P Ransomware attack, which affected millions of patients and resulted in a multistate HIPAA settlement. ​​No one is protected from HIPAA violation double [...]

2023-07-25T09:40:10-04:00April 4th, 2023|

Data Breach of Four Californian Medical Groups Leaves 3.3MM Patients Vulnerable

A class action lawsuit has been named against four Californian medical groups, alleging that they failed to take reasonable and appropriate cybersecurity precautions, leading to a cyberattack and data breach involving the private information and protected health information of 3,300,638 current and former patients. The lawsuit asserts that the cyberattack and data breach were predictable and could have—and should have—been avoided. The [...]

2023-07-25T09:54:49-04:00March 27th, 2023|

The Final Countdown: Your CPRA Checklist

In a July post (available here), we discussed a new rush of state data privacy laws that will affect businesses nationwide, including the implementation of the CPRA compliance checklist. In that post, we delved into the details of new laws coming online in California, Colorado, Connecticut, Utah, and Virginia. Of these, the law that is (or should be) on every business’s [...]

2023-08-21T12:42:15-04:00December 2nd, 2022|

Planning for 2023: New State Data Privacy Laws Coming Online

On May 10, 2022, Connecticut Governor Ned Lamont signed the Connecticut Data Privacy Act, making Connecticut the fifth state in the nation to pass a comprehensive data privacy law after California, Colorado, Utah, and Virginia. Together, these laws represent a monumental shift in the regulatory landscape for businesses and impose significant and meaningful legal obligations on companies nationwide – regardless of where the company is located. [...]

2023-08-31T09:32:07-04:00July 20th, 2022|

Lawsuits Increasing Following HIPAA Breaches

Almost as surely as summer follows spring, lawsuits follow breaches of protected health information. Here’s a roundup of recent HIPAA breach lawsuits and settlements. Lawsuits Increasing Following HIPAA Breaches - Facts and Figures The law firm BakerHostetler published its annual Data Security Incident Response Report based on findings from 1,270 data security incidents managed by the firm in 2021.  Highlights included: 23% [...]

2023-07-26T14:43:23-04:00May 27th, 2022|