Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
2025 Privacy Law Preview: Be Prepared
The American Privacy Right Act (APRA) explained
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
Navigating State Privacy Laws
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Embracing Data Privacy to Drive Business Growth: On Record PR
On June 6, 2025, the United States District Court for the Northern District of California dismissed a number of claims being brought against Google related to its alleged improper collection of health-related data though...more
Employers' access to, and retention of, employee medical information can be fraught with legal risk. Even the most seasoned HR professionals have trouble navigating the complex rules and regulations governing employee medical...more
An online retailer was recently hit with the first class action under Washington’s consumer health data privacy law alleging that it used advertising software attached to certain third-party mobile phone apps to unlawfully...more
The first class action complaint was filed under Washington’s My Health My Data Act (“MHMDA”) on February 10, 2025, more than a year after the law’s passage. When the law passed in April 2023, MHMDA was novel for its broad...more
On January 22, 2025, the New York State Assembly and Senate rapidly passed the wide-ranging New York Health Information Privacy Act (“NY HIPA”). If not vetoed by Governor Kathy Hochul, NY HIPA would be the fourth enacted...more
In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
We have seen a dizzying amount of Federal Trade Commission (FTC or Agency) enforcement on the privacy front in 2024, with a heavy focus on the collection and sharing of health data, browsing and geolocation data, and...more
On April 26, the US Department of Health and Human Services Office for Civil Rights (OCR) published a Final Rule that adds protections under the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule...more
2023 brought a surge of data privacy developments, with a large expansion of state comprehensive privacy laws, litigation of new claims based on older laws (e.g. wiretapping and VPPA cases), increased scrutiny on data...more
Washington’s My Health My Data Act (MHMDA) was enacted in an effort to close a perceived gap in privacy protection for consumer health data. MHMDA’s focus on consumer health data and right of private action deviate from...more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. Since its enactment in 2008, Illinois’s Biometric Information Privacy Act (BIPA) has produced a wave of privacy-related...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
On January 8, 2024, New Jersey’s State Legislature passed the Disclosure and Accountability Transparency Act (the “Data Act”). Following Governor’s signature within 45 days, the Data Act would take effect one (1) year after...more
With the flurry of new consumer privacy laws enacted in states across the country, it is vital for healthcare companies that are not regulated under HIPAA to remain informed of this changing landscape in order to plan and...more
...Innovation in connected medical devices is critical to advances in health care outcomes, user experience, and reducing costs. These exciting technologies also can be challenging when it comes to navigating the complex...more
On June 16, 2023, Nevada Governor Joe Lombardo signed SB 370 into law. This new law is a consumer health data bill that is similar in many ways to Washington’s My Health My Data Act (MHMDA). SB 370, like most provisions of...more
Texas Governor Greg Abbott signed into law the Texas Data Privacy and Security Act (TDPSA) on June 18, 2023. With the passage of TDPSA, Texas becomes the tenth state to adopt a consumer data privacy law. TDPSA passed the...more
In late April, Washington's governor signed the My Health My Data Act, or MHMD, into law. The law, which goes into effect next year, aims to regulate the vast amount of health-related data processing that takes place...more
The Health Information Portability and Accountability Act (“HIPAA”) has long been described as the floor for health care privacy laws and that states and regulators are free to enact more restrictive health care privacy laws....more
Introduction: Tracking Software in the Healthcare Industry - Privacy-related concerns have become increasingly prominent in recent years, especially with the widespread use of third-party tracking tools such as tracking...more
A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into...more
Report on Patient Privacy 22, no. 8 (August, 2022) - The Department of Justice (DOJ) seized around $500,000 in Bitcoin ransom paid by two health care organizations in Kansas and Colorado to North Korean ransomware actors...more
California, Virginia and Colorado have new privacy laws coming into effect in 2023. But now is the time to start preparing your business or organization for compliance. In this video series, we examine the different aspects...more
Report on Patient Privacy 22, no. 1 (January, 2022) - New Jersey issued its third settlement in three months on state-level health care privacy and security laws, announcing that three cancer care providers would adopt new...more
Do you want a simple way to keep current on important privacy changes? Avoid sleepless nights wondering whether you missed a privacy speed bump or pothole between annual updates? Worry no longer. Troutman Pepper is pleased to...more