What did GINA do? Created new national limits on the use of genetic information in health insurance and employment. Highlights: · Prohibits health insurance companies from discriminating on the basis of genetic predispositions · No private right to action, but private rights of action may be available under the federal laws that GINA revises as […]
Family Educational Rights and Privacy Act (FERPA)
FERPA, AKA the Buckley Amendment, named after Senator James Buckley, who supported its enactment. FERPA includes major aspects of Fair Information Practice Principles (FIPPs), such as notice, consent, access and correction, security, and accountability. · Provides students with control over disclosure and access to their educational records · Applies to all educational institutions that receive federal funding · No private right […]
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Enacted as part of the American Recovery and Reinvestment Act of 2009 to promote the adoption and meaningful use of health information technology · Updated by Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) · Regulated by the Department of Health and Human Services (HHS) · Does not preempt stricter state privacy laws (Ex: California Medical […]
“IAB Europe-TCF= Fine by Belgian DPA”
The Belgian DPA found that the Transparency and Consent Framework (TCF) developed by IAB Europe fails to comply with a number of provisions of the GDPR. Background: The Belgian DPA received complaints in 2019 about its reliance on the OpenRTB Protocol which focuses on real-time bidding and the automated use of user profiles within online […]
Austrian DPA on Google Analytics- A Quick Analysis
Quick Snapshot of the case DPA’s Observations Data transmitted through Google Analytics is Personal Data: In the DPA’s opinion, it is theoretically possible to link the transferred data back to a natural person through the combination of the vast amount of data transmitted. Therefore, a link to a person can be established (see Art. 4(1) […]
The Health Information Technology for Economic and Clinical Health Act (HITECH)
Strengthened HIPAA to address privacy impacts of the expanded use of electronic health records. Breach: Must notify individuals within 60 days of discovery · If more than 500 people, must notify HHS immediately · If 500 or more in the same jurisdiction, must notify media · All breaches requiring notice must be reported to HHS at least […]
Privacy Capsule: Your Privacy and Smart TV
Mailchimp, FISA & GDPR
It’s time to digest another Capsule! If I were to tell you using MailChimp is unlawful, you wouldn’t believe me, or would you? MailChimp is an email marketing company used around the world. How can it be unlawful? Well, turns out in one part of the world (Germany), a company had to stop using MailChimp. […]