Providing timely updates and perspectives on current events, legislation, regulatory enforcement, and a myriad of other topics that pertain to the collection, use, disclosure, and protection of data.
Warning from FTC Regarding Scope of Health Breach Notification Rule
As the collection and use of health data drastically expands, the agency issued a recent guidance to officially put health apps and connected medical devices “on notice.”
On September 15, the Federal Trade Commission (“FTC”) held a meeting and published a policy statement to put connected medical device and health application (“app”) providers on notice that they are subject to the ongoing obligations of the Health Breach Notification Rule (the “Rule”) and that the FTC intends to begin enforcing the Rule. The Rule was first published in 2009, but the FTC has never enforced it and there are few examples of businesses providing breach notices pursuant to it.
Bipartisan Bill Seeks to Regulate COVID-19 Exposure Notification Apps
On June 1, 2020, U.S. Senators Maria Cantwell (D-WA) and Bill Cassidy (R-LA) introduced bipartisan legislation, or the Exposure Notification Privacy Act (“Act”), to the Senate.[1],[2] The Act would regulate coronavirus contact-tracing and exposure-notification apps, which different U.S. states have been developing as part of efforts to track the spread of the virus and to notify individuals who may have been exposed to the virus.