LabMD Update

Last September, I reported on the Federal Trade Commission’s decision upholding its enforcement action against the now-defunct clinical laboratory LabMD, Inc. In 2013, the FTC brought an administrative complaint against LabMD, alleging that its lax cybersecurity practices resulted in the exposure of patient data. As I wrote last year, exposure was the key word, as the FTC did not allege any actual data theft or other tangible harm to patients.
Read the rest of this entry »

Filed under Legal & Regulatory, Privacy

FTC Muscles in on Health Privacy

600px-US-FederalTradeCommission-Seal.svgIn its July 29, 2016 decision in LabMD, Inc., the Federal Trade Commission clearly signaled its intent to get more involved in the regulation of health privacy. Specifically, the case indicates that the agency intends to go well beyond its traditional role of protecting consumers against deception and to begin scrutinizing the nuts and bolts of companies’ health data security practices.
Read the rest of this entry »

Filed under Legal & Regulatory, Pending Regulation, Privacy, Privacy

Biometrics: A Developing Regulatory Landscape for a New Era of Technology

eyeball_nJames Bond and Ethan Hunt have been using facial recognition, fingerprint scanning, and optical readers for years on the silver screen. In the real world, the use of technology that identifies unique physical characteristics of individuals (“biometrics”) is rapidly becoming more prevalent. In fact, the Department of Homeland Security uses facial scanning to identify potential terrorists, federal agencies have adopted fingerprint technology to confirm the identity and immigration status of aliens, and private entities have begun implementing palm and retina scanners and other identifiers to complete financial transactions or control access to secure information. Even the new iPhone 5 contains “Touch ID” technology, where a sensor quickly reads the user’s fingerprint and automatically unlocks the phone for the correct fingerprint.
Read the rest of this entry »

Filed under Bioinformatics/IT, General Interest, Privacy

Big Changes Coming in EU Privacy Law

The European Union is about to make major changes in its privacy law that will have a significant impact on U.S. companies that do even modest amounts of business in Europe. On January 25, 2011, the European Commission (the EU’s executive branch) released a long-awaited Draft Regulation on the Protection of Individuals with Regard to the Processing of Personal Data and on the Free Movement of Such Data (pdf).

While it will likely be a year or more before a final regulation takes effect, and there will almost certainly be amendments along the way, American companies – including those involved in the field of personalized medicine, where personal data is paramount by definition – should start paying attention now, since they may have to change the way that they do business in Europe.

Read the rest of this entry »

Filed under General Interest, Industry News, International Developments, International News, Legal & Regulatory, Pending Regulation, Privacy