Category Archives: Privacy Laws

Providers of Care and Defenders of Privacy: Strategies to Protect Patient Privacy After the Reversal of Roe v. Wade

Healthcare providers carry a heavy load and it just got heavier.  In the wake of the reversal of Roe v. Wade and the prohibition and criminalization of abortion in some states, healthcare providers are now burdened with being more vigilant than ever in defending patients’ privacy rights. This is true in all states, even where […]

And CT Makes Five: The Connecticut Legislature Passes A Consumer Data Privacy Bill

After failed attempts in years past, on April 28, 2022, Connecticut became the fifth state to pass a consumer data privacy bill.  It is headed to the Governor’s desk for signature, and he is expected to sign.  Entitled “An Act Concerning Personal Data Privacy and Online Monitoring,” it enjoyed bipartisan support passing unanimously in the […]

Connecticut Makes Significant Changes to its Data Breach Statute

Written in collaboration with Nathaly Tamayo, JD.

Late in the legislative session, both the Connecticut House and Senate passed House Bill 5310 (now Public Act 21-59), An Act Concerning Data Privacy Breaches, which substantially amends Connecticut’s data breach notification statute (CGS §36a-701b). Although the bill implemented a number of revisions, the most notable changes significantly expand the definition of personal information and shorten the notification timeframe.

Major Changes Proposed to HIPAA Privacy Rule

Two years after issuing a request for information seeking feedback on possible changes to HIPAA and smack dab in the middle of a global pandemic, the Department of Health and Human Services (HHS) and its Office for Civil Rights (OCR) announced major proposed changes to the HIPAA Privacy Rule. The proposed changes focus on coordination of care and significant revisions to the patient right of access provisions, including shortening the timeframe to respond to patient requests for records to 15 days and permitting patients to take photos or videos of their PHI.

Telehealth, Privacy and The Three Little Pigs

We learned early in life from the Three Little Pigs that a house made of straw or sticks, while much easier to build, lacks the safety and security of a brick house. This fable’s lesson applies to many scenarios including the recent rapid deployment of telehealth services. While a pandemic, not laziness, caused the hurried telehealth services implementation for many, that’s irrelevant to the big bad wolf (and there is always a big bad wolf). He will come and he will huff, and he will puff, and he will compromise the privacy of patient information in a system without adequate protections.

COVID-19 Technology and Privacy Part II – A Promising Legislative Solution Emerges

In Part I of this mini-series last week, Dayle A. Duran, Esq., CIPP/US articulately described Apple and Google’s COVID-19 contact tracing API. Overall, she concluded that, if used as intended, the technology provides good privacy protections, but flagged that the real privacy risks lie in unintended use and function creep. Recently proposed bipartisan legislation may adequately address these concerns.

COVID-19 TECHNOLOGY AND PRIVACY Part I – Contact Tracing: The Apple | Google API

This is part one of a two-part series focused on COVID-19 contact tracing technology and its implications for US privacy law. The next installment of this series will examine legislative solutions to protect data subjects from misuse of information collected through contact tracing apps and related technologies.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.