Key Takeaways | How to Prepare for New State Health Privacy Laws - McDermott Will & Emery

Key Takeaways | How to Prepare for New State Health Privacy Laws

Overview



New state privacy laws regulating health data impose significant obligations and heightened litigation and regulatory risks. During this webinar, Elliot Golding and Sam Siegfried discussed how these laws apply, what they require, and practical tips to implement and operationalize compliance.

Top takeaways included:

  1. Consumer health data laws apply broadly. Businesses should examine whether and how these laws apply because some: (a) do not exempt HIPAA-regulated entities (California, Colorado and Washington) or nonprofits (Colorado and Washington), (b) apply even to small businesses (Washington, Nevada and Connecticut), and (c) cover health inferences derived from non-health data (e.g., online browsing activity).
  2. Enforcement risks are real, significant and increasing. State and federal regulators are actively investigating and enforcing these laws, which will increase now that the California Privacy Protection Agency can commence enforcement. Litigation has also been significant and will also increase once Washington’s private cause of action takes effect this month.
  3. Act now. Key compliance steps include:
    1. Updating or developing consumer health data privacy policies (including posting a distinct Washington notice using a distinct website hyperlink)
    2. Executing data processing contracts with service providers
    3. Obtaining consent to process health data that satisfies new heightened requirements
    4. Identifying and developing policies to manage cookies and tracking technologies to ensure compliance with transparency and consent requirements, such as implementing cookie consent management tools

Explore our interactive state privacy law map.

Dig Deeper

Webinar / McDermott Webinar / December 9, 2024

Key Takeaways | Understanding the Basics of Payor Contracting

Coral Gables, FL / Speaking Engagements / November 13-15, 2024

Consero's Chief Privacy Officer Forum

New Orleans, LA / Speaking Engagements / November 6-8, 2024

Cambridge Forum on Health Data Privacy & Emerging Issues

Get In Touch