Privacy

The Department of Health and Human Services (“HHS”) may have signaled its interest in pursuing more enforcement actions against business associates. On May 24, 2019, the HHS Office for Civil Rights (“OCR”), released a fact sheet on the...

Read More →

In the year since the General Data Protection Regulation (“GDPR”) went into effect on May 25, 2018, companies worldwide have been adapting to the new privacy rules—and EU regulators have also been busy adjusting to the new...

Read More →

Arkansas has updated its breach notification law to expand the definition of “personal information” and to require notifying the Arkansas Attorney General when a breach involves more than 1,000 individuals’ personal information. On April 15, 2019, Governor...

Read More →

On May 7, 2019, Governor Jay Inslee signed a bill (HB 1071) that strengthens the state’s existing data breach notification law by expanding the definition of “personal information” and reducing the time an entity has to...

Read More →

The Department of Health and Human Services (“HHS”) recently issued a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties (“CMPs”) in which it lowered the maximum annual fines that can be assessed against covered entities and...

Read More →

The Death Knell for Class Arbitration?

May 6, 2019 | 0 Comments

On April 24, 2019, the U.S. Supreme Court held in Lamps Plus v. Varela that under the Federal Arbitration Act (“FAA”), class arbitration is only permitted when explicitly provided for in arbitration agreements. The 5-4 decision...

Read More →

While many companies are struggling to make sense of the California Consumer Privacy Act (“CCPA”) (see our prior posts here and here) and roll out their CCPA compliance programs, the California Assembly Privacy and Consumer Protection Committee...

Read More →

Law enforcement agencies are increasingly requesting that courts allow them to compel suspects to unlock electronic devices with their biometrics. As of yet, though, courts confronted with the question have come up with no unified answer...

Read More →

On March 21, 2019, Advocate General Maciej Szpunar (“Advocate General” or “AG”) of the Court of Justice of the European Union (“CJEU”) issued an opinion in which he recommended that the Court rule that pre-checked boxes...

Read More →

Utah has become the first state to legislatively dictate that law enforcement must obtain a warrant based on probable cause before forcing internet service providers to turn over users’ content, location information, and other records...

Read More →