Brazil’s LGPD Takes Effect—With Early Enforcement

Brazil represents over half of all IT spend in Latin America, has the largest regional market for software outsourcing, employs a sizable IT workforce, manufactures consumer goods (including commercial airplanes and cars) and has an active consumer market of social media operated by global data aggregators. At a time when data privacy is becoming increasingly important to consumers, it seems only fitting that Brazil would adopt comprehensive privacy legislation to protect data privacy rights. The General Data Protection Law, the first law of its kind in Brazil, is now in effect, and we are already seeing enforcement. Streamlining the legal framework on data protection, the law sets forth a number of requirements addressing legal bases for processing, individual rights, governance and accountability and data transfers. Access the article.

Continue Reading

The Uncertain “State” of US Data Protection Law: California Leads the Way

The California Consumer Privacy Act of 2018 (CCPA), which took effect this year, introduced a complicated data protection framework for the personal information of California residents, imposing a variety of new obligations on affected businesses. Although the interpretation of many of the CCPA’s provisions remains unsettled—and proposed regulations are still pending— the CCPA’s original architects have already advanced another proposed law, the California Privacy Rights Act (CPRA), which will be decided in a statewide referendum this November. If enacted, the CPRA would substantially amend the CCPA, granting consumers additional rights and imposing further liability on businesses. Whether or not it passes, the proposed CPRA highlights the fluid state of the US legal environment for data protection, which has left businesses around the world struggling to account for the uncertain risks and compliance costs posed by these developments. It did not have to be...

Continue Reading

Privacy Considerations for COVID-19 Digital Contact Tracing

Generally, contact tracing refers to an effort by public health officials to identify individuals with whom a patient who has tested positive for an infectious disease has been in close proximity. Public health officials will inform these individuals that they were exposed to a contagious patient and encourage them to monitor their symptoms and quarantine for a period of time. In response to COVID-19, governments around the world have explored using digital contact tracing, by which smartphone users download an application (app) to enable public health officials to track infected individuals’ contacts. In addition, private sector companies are exploring how digital technologies can be used for contact tracing on employees as they reenter the workplace. Click here to read the full article, and many more in our latest International News: Focus on Global Privacy and Cybersecurity.

Continue Reading

Uber Criminal Complaint Raises the Stakes for Breach Response

On August 20, 2020, a criminal complaint was filed charging Joseph Sullivan, Uber's former chief security officer, with obstruction of justice and misprision of a felony in connection with an alleged attempted cover-up of a 2016 data breach. These are serious charges for which Mr. Sullivan has the presumption of innocence. At the time of the 2016 data breach, Uber was being investigated by the US Federal Trade Commission (FTC) in connection with a prior data breach that occurred in 2014. According to the complaint, the hackers behind the 2016 breach stole a database containing the personal information of about 57 million Uber users and drivers. The hackers contacted Uber to inform the company of the attack and demanded payment in return for their silence. According to the complaint, Uber's response was to attempt to recast the breach as a legitimate event under Uber's "bug bounty" program and pay a bounty. An affidavit submitted with the complaint portrays a...

Continue Reading

The Toughest Problem Set: Navigating Regulatory and Operational Challenges on University Campuses

When the academic year ended in the spring of 2020, many US university students assumed that a return to campus would be straightforward this fall. However, it is now clear—at least in the near term—that a return to the old “normal” will not be possible. Some universities have concluded that their best course of action is to offer only distanced learning for the time being. Other universities, however, are welcoming students back onto campus, and into residence and dining halls, classrooms, labs and libraries. Each of those universities is developing its own approach to retain the benefits of on-campus student life while reducing risk to the greatest extent possible; nevertheless, some have had to adjust their plans to pivot to remote learning when faced with clusters of positive cases on campus. One thing is clear: The fall semester will be a real-time, national learning laboratory. Because widespread, rapid testing remains unavailable in many locations,...

Continue Reading

Digital Health at Scale: The Payor Perspective

The COVID-19 pandemic has catalyzed efforts by health insurers to expand reimbursement for telehealth services and digital health tools, and develop and invest in their own digital health technology. Health insurers, who increasingly play a hybrid role of payor, innovator and provider, have a vested interest in helping consumers manage chronic diseases and engage in preventive care from home, both during the public health emergency and after. Joined by leaders from Humana, Oscar, and Medorion, we discussed the role of health insurers in the evolving digital health market, reimbursement pathways for digital tools and innovative partnerships between technology companies and health insurers. Click here to listen to the webinar recording, and read on for highlights from the program. PROGRAM INSIGHTS COVID-19 has accelerated the integration of digital health into the traditional health insurance framework. Pre-COVID-19, health insurers were using digital health...

Continue Reading

Remote Care Providers Await Final New Jersey Registration and Reporting Regulations

In 2017, the New Jersey legislature passed the New Jersey Telehealth and Telemedicine Act (codified at N.J.S.A. 45:1-61 et seq.), which established registration and reporting requirements for “telemedicine and telehealth organizations.” After a multi-year wait for details regarding the registration process, the New Jersey Department of Health (NJ DOH) published a proposed rule in April 2020 that brought providers of telehealth services in New Jersey one step closer to the implementation and enforcement of the registration requirements. A final rule is expected by April 2021. New Jersey providers are also expecting the publication of a proposed rule detailing the reporting requirements for registered organizations. While the coronavirus (COVID-19) public health emergency has led many states to implement waivers and other measures to allow for the expansion of remote healthcare services within their states, telehealth and telemedicine organizations operating in...

Continue Reading

CMS Takes a Preliminary Step to Make Certain COVID-19 Waivers Permanent

On August 4, 2020, the Centers for Medicare and Medicaid Services (CMS) released a proposed rule to update its payment policies under the Medicare Physician Fee Schedule (PFS) for calendar year 2021. The proposed rule was issued in tandem with a presidential executive order, which directed the Secretary of the US Department of Health and Human Services (HHS) to propose regulations expanding telehealth services covered by Medicare. CMS stated that the proposed rule “is one of several proposed rules that reflect a broader Administration-wide strategy to create a health care system that results in better accessibility, quality, affordability, empowerment, and innovation.” In response to the coronavirus (COVID-19) public health emergency (PHE), CMS has issued several temporary waivers and flexibilities that expand telehealth reimbursement under Medicare, Medicaid and the Children’s Health Insurance Program for the duration of the COVID-19 PHE. CMS issued these...

Continue Reading

TREATS Act Aims to Expand Use of Telehealth to Treat Substance Use Disorder

A bipartisan pair of US senators have proposed legislation that would allow certain controlled substances to be prescribed via an initial telehealth encounter and—under certain conditions—expand Medicare reimbursement of audio-only substance use disorder treatment services. The proposed TREATS Act has been referred to the Senate Committee on Health, Education, Labor, and Pensions, and could significantly reduce the regulatory burdens associated with the remote prescribing of controlled substances. For more than a decade, healthcare providers in the United States have been largely prohibited from prescribing controlled substances via telehealth without having previously performed an in-person medical evaluation of the patient. Although Congress created the framework for a “special registration” pathway that has the potential to more broadly permit the practice, the Drug Enforcement Administration (DEA) has not issued regulations to implement it. This has been...

Continue Reading

Schrems II Special Report: What Does the CJEU’s Decision Mean for Transfers From the EEA to the US?

For our Schrems II Practical Guidance special report, members of McDermott’s internationally recognized Global Privacy & Cybersecurity group have outlined practical guidance and next steps to ensure your business is prepared for what’s next following the final ruling in Data Protection Commissioner v. Facebook Ireland Limited, Maximillian Schrems. As your organization navigates the post-Schrems II landscape following the CJEU’s recent decision, consider McDermott your first point of call. We have deep experience advising global clients on compliance with the complex array of privacy and cybersecurity obligations affecting data that crosses borders or relates to foreign employees and individuals. Practical Guidance for Businesses (US Edition) Practical Guidance for Businesses (Global – EEA/UK Edition)

Continue Reading

STAY CONNECTED

TOPICS

ARCHIVES