This alert focuses on the ongoing and developing privacy issues that have arisen for employers and healthcare providers communicating about the 2019 novel coronavirus (COVID-19).  Specifically, we will discuss the steps that employers and healthcare companies need to consider when communicating to its employees, the media and general public, and government officials when an individual has been diagnosed with the coronavirus or may have been exposed to the coronavirus.

On October 11, 2019, the California Governor, Gavin Newsom, signed into law five CCPA-amending bills and an additional CCPA-related bill that were awaiting his signature. The CCPA, or the California Consumer Privacy Act of 2018, gives California consumers certain rights to learn about and control how a business within the

On October 10, 2019, the California Attorney General, Xavier Becerra, announced at a press conference that his office has released proposed implementing regulations for the California Consumer Privacy Act (“CCPA”). The text of the proposed regulations is available here.

As background, the CCPA is a California privacy law that seeks to give California consumers the rights to know about and control the personal information that businesses collect about them. For a detailed discussion of the CCPA, please see our previous posts (available here and here).  

Effective tomorrow, October 1, 2019, the existing Nevada Privacy of Information Collected on the Internet from Consumers Act will be amended to include a consumer right to opt out from the sale of personal information and to impose verification requirements on “Operators” covered by the law. The existing law requires such covered entities to post privacy notices. The new consumer opt-out right was added through Senate Bill 220 (“SB 220”), which was signed into law earlier this summer. While this addition to Nevada’s privacy framework draws comparisons to consumer rights afforded under the California Consumer Privacy Act (the “CCPA”), the act, as amended by SB 220, applies to a much narrower category of businesses and is limited to certain types of “Covered Information” that are transferred as part of a “Sale” of data.  

In an effort to give consumers more control over the data businesses collect from and about them, the California legislature passed the California Consumer Privacy Act (CCPA) in 2018 (and amended it a few months later). The CCPA gives consumers the right to know about and have deleted

Businesses and California consumers are one step closer to understanding what their respective obligations and rights are under the California Consumer Privacy Act of 2018 (the “CCPA”). The CCPA is California’s landmark legislation that seeks to give California consumers the rights to learn about and control certain aspects of how a business handles the personal information that a business collects about them.  It achieves this by requiring businesses to implement certain measures that enable consumers to exercise these rights. For an in-depth discussion of the CCPA more generally, please read our previous posts (here and here).   

Reflecting the movement to toughen data security laws on a state-by-state basis, on July 25, 2019, Governor Cuomo signed into law the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act” or the “Act”). The Act amends New York State’s current data breach notification law, which covers breaches