The U.S. Department of Health and Human Services (HHS) is about to rule whether health care entities will need to notify patients if their de-identified data — patient data that has been stripped of all potential for identifying individuals, which is often used for research and development — is breached. As it stands now, de-identified…
Category: Laws
Germany adopts stricter data protection law
On July 3, 2009, the German Federal Parliament passed comprehensive amendments to the Federal Data Protection Act (the “Federal Act”). These amendments also passed the Federal Council on July 10, 2009, and the revised law will enter into force on September 1, 2009. The new amendments cover a range of data protection-related issues, including marketing,…
Leahy trying again with data breach bill
Senate Judiciary Chairman Patrick Leahy (D-Vt.) has reintroduced a data breach bill that would set tougher rules for government agencies and private sector firms regarding consumers’ personal information. This will be the third time around the block for the Personal Data Privacy and Security Act, which has cleared the Judiciary Committee, but never come to…
Maine law limits collection of data on minors
David Navetta of InfoSecCompliance provides an overview of a new law in Maine that limits the collection of personal information of minors. The law, which goes into effect on September 12, 2009, has a provision for an individual cause of action in state court, unlike many privacy laws that do not provide for an individual…