Tag archives: Healthcare

CCPA – Health Research Bill Passes Legislature

Norton Rose Fulbright - Data Protection Report blog

Although the bill to amend the California Consumer Privacy Act (CCPA) to extend the so-called “B-to-B” and “employee” exceptions for one more year has garnered many headlines, the California legislature passed a second CCPA amendment (AB 713) that will be of interest to anyone involved in medical research as the new bill would ease some CCPA restrictions on research. The changes pertaining to healthcare data are expected to pass and are clearly responsive to additional needs to share information and conduct research on potential treatments and vaccines for the ongoing COVID pandemic. The bill has been sent to … Continue Reading

Uber as a HIPAA business associate

Norton Rose Fulbright - Data Protection Report blog

Uber recently announced the launch of Uber Health, a non-emergency ride service that allows healthcare providers to schedule and pay for transportation for their patients. The stated purpose of the service is to expand medical transportation to traditionally underserved areas. Roughly 3.6 million Americans miss medical appointments each year due to lack of reliable transportation, contributing to the roughly $150 billion per year the healthcare industry loses due to missed appointments.  … Continue Reading

Canada Passes Legislation Protecting Genetic Information

Data Protection Report - Norton Rose Fulbright

The Canadian Parliament recently passed Bill S-201, the Genetic Non-Discrimination Act, which protects individuals from having to disclose information related to genetic testing and test results. Specifically, the Act prohibits any person from requiring an individual to undergo a genetic test or disclose the results of a genetic test as a condition of providing goods or services to, entering into or continuing a contract or agreement with, or offering specific conditions in a contract or agreement with, the individual. Contravention of the Act is punishable by significant fines and even potential imprisonment. There are express exceptions for health care … Continue Reading

Anthem breach poses significant cybersecurity risks for Anthem’s customers; may trigger legal obligations

Data Protection Report - Norton Rose Fulbright

Organizations whose employees are insured by Anthem or whose self-insured health plans are administered by Anthem should consider steps to mitigate the cybersecurity and legal risk arising from the breach recently reported by Anthem.

The hackers who perpetrated the Anthem breach are likely to use the personal information they took for further cyberattacks against affected individuals and employers, including to gain access to business information using social engineering attacks and other methods. Anthem’s business customers are advised to take immediate steps to harden their cybersecurity defenses, raise cybersecurity awareness among employees concerning likely secondary attacks, and remain vigilant against further … Continue Reading