Skip to content

Privacy Data Updates

Penalties will not be imposed against covered entities or business associates for good faith use of WBSAs to schedule appointments for COVID-19 vaccinations; PHI should be returned to the covered health care provider or destroyed no later than 30 days after the appointment, and calendar privacy settings should hide names or show only individuals’ initials.

Covert Surveillance: California Complaint Alleges Online Retailer Invaded Privacy

The class complaint alleges that the retailer, without its employees’ consent, used its live tool and social media bank to intentionally tap their electronic communications, intentionally furnished wiretap devices that were designed to exclusively eavesdrop on communications (it wanted to secretly observe and monitor confidential union posts), and intentionally invaded the employee privacy rights by accessing private communications.

Consumer Reports: New York Court Finds Report Not Misleading

Plaintiff alleged that an entry on his consumer report was inaccurate and misleading because it said that payments for his account were overdue when he had transferred his account to another company and no longer owed the Defendant any money; the Court stated that, when read in the context of the entire report, the entry was not misleading because the account was historically overdue from before the account was transferred to another company.

Legislation: Utah Amends the Electronic Information and Data Privacy Act

If passed, law enforcement agencies must have a warrant to obtain location information, electronic information or data transmitted to a provider of a remote computing service, or through a provider of an electronic communication service; owners of devices, information, or data must be notified within 90 days of it being obtained by law enforcement.