A new law that amends the California Confidentiality of Medical Information Act (CMIA) may provide some relief to HIPAA covered entities and business associates, some of whom have faced class action lawsuits seeking millions in statutory damages under the CMIA for large-scale data breaches. The changes to the CMIA are summarized in this entry.
California has become the latest state to pass a law prohibiting employers from requesting access to employees’ and job applicants’ social media information or accounts.
A new agreement this week between mobile app platform operators and the California Attorney General effectively creates enforceable, nationwide mobile app privacy standards that companies will need to follow going forward.
The California Attorney General recently launched an on-line form for businesses to report breaches of security, which is described in this entry.
A new amendment to California’s security breach notification statute establishes specific content requirements for data breach notifications and imposes a new Attorney General notification requirement for breaches affecting more than 500 California residents.
The U.S. Court of Appeals for the Ninth Circuit held on August 6, 2009 that standing for private plaintiffs under the CAN-SPAM Act is limited. Judge Richard Tallman, who authored the court’s opinion in Gordon v. Virtumundo, Inc., No. 07-35487 (Aug. 6, 2009, 9th Cir.), noted that this was the first case in which the […]