Introduction
In December 2020, California Attorney General Xavier Becerra was
announced to be President-Elect Joseph R. Biden, Jr. s
pick to lead the Department of Health and Human Services. The
California Attorney General s Office is the second largest
Justice Department in the United States, second only to the U.S.
Department of Justice, and California Attorney General Xavier
Becerra was the first Latino Attorney General in California s
history. Before becoming the Attorney General of California,
Becerra had a 24-year career in the U.S. House of
Representatives.
1 In 2017, Governor Jerry Brown
appointed Becerra to the last two years of Kamala Harris s term
To embed, copy and paste the code into your website or blog:
As part of Data Privacy Day 2021, ask yourself, does my business have a Privacy Program in place? Probably not. But should it? That’s a great question for a privacy professional someone focused on privacy practices, laws, and regulations.
Based on your location, the nature and size of your business, and the data you collect, you may be
required to have a privacy program in place. But even if you’re not (currently) required to do so, it may be necessary to keep up with your competitors. Recent surveys conducted by Cisco and TrustArc show that:
To embed, copy and paste the code into your website or blog:
While California understandably has received most of the attention given its recent passage of the California Privacy Rights Act (CPRA), several other states continue to move forward with consideration of their own privacy legislation. Indeed, Washington, Minnesota, and New York have had privacy legislation introduced, and at least 13 other states have privacy bills in committee. These bills have the potential to drastically impact the privacy obligations of businesses, including financial institutions.
One of the bills to which financial institutions must pay attention is New York s Senate Bill 567 (SB 567). If passed SB 567 would require covered businesses to provide privacy notices and give consumers the right to know the personal information that is being collected about them. In this regard, SB 567 borrows many of its obligations from the California Consumer Privacy Act (CCPA), including:
To embed, copy and paste the code into your website or blog:
On January 11, the Federal Trade Commission (FTC) announced it has settled with a California-based photo app developer involving allegations that it was building and using its users’ photos and videos to create facial recognition technology without their express consent.
Facial recognition software is typically comprised of three steps: detection, mapping, and identification. During the detection step, facial recognition software is developed to distinguish an individual’s face in an image or video from, say, a toaster. To do this, developers will train the software by introducing it to photos of known human faces. Once the software can distinguish a face from other objects, then it will analyze the face by mapping facial features, such as by measuring the width of the nose, eyes, mouth, and chin. Once the software has successfully mapped an individual’s facial features, it will typically then identify the individua
To embed, copy and paste the code into your website or blog:
2020 was an active year for HIPAA regulatory activity by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). In this article, we take a look at some of the HIPAA highlights from 2020 and offer thoughts about potential compliance focus areas for 2021.
HHS OCR Enforcement – Right of Access Initiative
2020 Highlights
Amid a challenging year, OCR announced a record 19 HIPAA resolution agreements in 2020, the most HIPAA resolution agreements ever announced in one year. Notably, roughly two-thirds of those enforcement actions were brought pursuant to OCR’s HIPAA Right of Access Initiative (the “Initiative”). The remaining enforcement actions dealt with familiar privacy and security issues such as breaches of protected health information (PHI) and failure to comply with the HIPAA Security Rule requirements.