Author: PBA Cybersecurity and Data Privacy

The Pennsylvania Cybersecurity and Data Privacy Committee analyzes cybersecurity issues and educates PBA members about legal, regulatory and industry standards that preserve the confidentiality of protected information.

Attorneys General Sue Google for Unfair and Deceptive Consumer Location Tracking Practices

Issue Washington D.C. Attorney General Karl Racine sued Google on January 24 for its deceptive location tracking practices in violation of D.C.’s Consumer Protection Procedures Act. AG Racine opened an investigation into this issue after a 2018 Associated Press article exposed Google’s data practice of tracking users even after the “location history” setting was toggled
Read More »

The Holidays are Here, and So is OCR Enforcement of HIPAA’s Right of Access

By Krishna Jani, Flaster Greenberg   On Nov. 30, 2021, the Office for Civil Rights (OCR) at the United States Department of Health and Human Services (HHS) announced the resolution of five investigations in its Health Insurance Portability and Accountability Act (HIPAA) Right of Access Initiative. This brings the total number of this type of
Read More »

FTC Issues Policy Statement Clarifying Data Privacy Obligations for Digital Health  

By Jennifer K. Wagner   On September 15, the Federal Trade Commission (FTC) issued a Policy Statement “On Breaches by Health Apps and Other Connected Devices,” the most recent step taken by the FTC to signal its interest in preventing abusive data practices and ensuring relevant consumer protections for digital health. This step came about
Read More »

FCRA Rule Changes Better Complement Dodd-Frank Act

By Anokhy Desai   On September 8, the Federal Trade Commission (FTC) approved “largely technical” changes to five Fair Credit Reporting Act (FCRA) rules that narrowed their scope to only apply to motor vehicle dealers, decreasing confusion for applicable entities that must look to the FTC or Consumer Financial Protection Bureau (CFPB) for guidance on
Read More »

Model Data Privacy Bill Approved: What the UPDPA Could Do for State Legislatures Across the Country

By Krishna Jani, Flaster Greenberg   In July 2021, the Uniform Law Commission (ULC) voted to approve the Uniform Personal Data Protection Act (UPDPA). The UPDPA is a model data privacy bill designed to provide a template for states to introduce to their own legislatures, and ultimately, adopt as binding law.   The UPDPA The
Read More »