Regulations

Nevada Health Data Privacy Bill

The State of Nevada has adopted its own Health Data Privacy Act which will be effective March 31, 2024. This Act was modeled after Washington's My Health Data Act, but unlike it, the Act doesn't carry a private right of action. The adoption of this Act shows the growing concerns about health data privacy and more generally about data privacy.

Click to read more

The EU Data Act Is Shaping Up

The Data Act is a legislative proposal to regulate how industrial data is accessed and shared. It concerns Business-to-Customer and Business-to-Business data-sharing. Some points are still discussed such as how to deal with trade secrets, the territorial scope, the problem of product safety and the date of application. Furthermore,Cloud providers are mandated to avoid creating barriers for users wanting to switch to a different provide.

Click to read more

The AI Act Is Underway With The AI Rulebook Adopted

The AI rulebook is part of the AI Act, a European legislation pertaining to Artificial Intelligence (AI).

On June 14th, changes were enacted on the text, where all propositions that hadn't been agreed upon in committee were dismissed. New and more specific duties were put forth for high-risk AI providers and the need to conduct assessments of fundamental rights impacts and environmental impact monitoring was introduced. Following this, inter-institutional discussions will be held between the EU Parliament, the EU Council of Ministers, and the European Commission. T

Click to read more

BioTech & MedTech

A New Framework For Data And AI Between The US And The UK

The Atlantic Declaration between the US and the UK establishes the need for a new data bridge between the two countries. The establishment of this data bridge could significantly streamline the process of data transfers for everyone involved.To achieve this, some adjustments still need to be  made on both sides of the pond.
The Declaration also announces an accelerated cooperation with a focus on ensuring the safe and responsible development of the technology. The countries will also deepen the collaboration on Privacy Enhancing Technologies (PETs).

Click to read more

Clinical Test Data Of 2.5 million People Stolen From Biotech Company Enzo Biochem

Enzo Biochem experienced in April a ransomware attack that impacted 2.5 million people. Test information, names and 600 000 social security numbers were stolen. The company, upon notice of the ransomware attack, deployed containment measures such as disconnecting its systems from internet, and notified law enforcement. They are still evaluating the full cost and impact of this attack. The company confirmed in the SEC filing that this event had brought srcutiny from regulatory authorities.

Click to read more

The European Commission and WHO : Digital Health Partnership

The EU Commission and World Health Organization launched on June 5th a digital health partnership. “Building on the EU’s highly successful digital certification network, WHO aims to offer all WHO Member States access to an open-source digital health tool, which is based on the principles of equity, innovation, transparency and data protection and privacy,” said Dr Tedros Adhanom Ghebreyesus, WHO Director-General. “New digital health products in development aim to help people everywhere receive quality health services quickly and more effectively”.

Click to read more

Artificial Intelligence

Bias in AI-based Models For Medical Applications: Challenges And Mitigation Strategies

AI is increasingly used or planned to be used in healthcare from AI-augmented clinical research to algorithms for image analysis or disease prediction. While artificial intelligence holds immense potential, it also poses certain threats, such as the propensity for bias, which predominantly affects marginalized communities. AI model development stages like data collection, creation, evaluation, and clinical deployment can introduce bias. Broad data access is crucial for model training but should honor privacy norms.

Click to read more

G7 Data Protection Authorities Point To Key Concerns On Generative AI

The G7 Data Protection and Privacy Authorities (DPAs) met on the 20th and 21th of June in Japan to discuss key privacy and data protection topics, including the development of the concept of Data Free Flow with Trust (DFFT) and its future operationalization, emerging technologies and enhancing enforcement cooperation. Following their meeting, the G7 DPAs issued a brief on generative AI, highlighting key privacy and data protection risk areas.

Click to read more

Big Data

The Development Of Blockchain

The potential of blockchain technology extends into various sectors, including healthcare. This technology could facilitate a secure exchange of a patient's health records. A decentralized approach would enhance data security and enable tracking of record access, revealing who has accessed the data and who has the authority to do so. Thus Blockchain could be an answer to the conundrum between privacy, security and the need to share the data with all interested parties.

Click to read more

Data Privacy Enforcement

PRHC Reaches $988K Proposed Settlement For Patient Privacy Breaches In 2011-2012

The Peterborough Regional Health Centre (Canada) proposed a settlement of $988,550 in a class-action lawsuit relating to patient health records being wrongfully accessed by former employees in 2011-2012. Approximately 280 patients were affected by these patient privacy beaches where their personal information was inappropriately accessed. This demonstrates the importance of implementing a robust policy for access control, otherwise, adverse effects may ensue.

Click to read more

FTC Against Genetic Testing Company 1Health

The Federal Trade Commission (FTC) issued an administrative complaint against the genetic testing firm 1Health.io as it left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected. The FTC proposed a settlement which includes DNA deletion requirements, the prohibition of sharing health data with third parties and $75,000 as consumer refunds.

Click to read more

Home

Discover our latest newsletter

View All Newsletters
Mar 2024
Regulations & Guidelines
AI
Data Privacy Enforcement
Data Governance
Biotech & Healthtech

Newsletter #11

As we kick off 2024, the eleventh edition of our newsletter zeroes in on the most recent developments in privacy regulations and guidelines. It also spotlights the latest happenings in the Biotech and Healthtech sectors related to data. Don't miss our podcast recommendations, featuring an enlightening interview with OWKIN's CEO and a compelling discussion on the intersection of developers and privacy. Enjoy!

Feb 2024
Regulations & Guidelines
PET
Data Privacy Enforcement
AI
Data Breach & Cybersecurity

Newsletter #10

2024 already delivers its promises - this month was stacked with guidelines, regulations, new. Here's your monthly digest !

Jan 2024
Regulations & Guidelines
AI
Data Privacy Enforcement
Cybersecurity
Healthcare

Newsletter #9

Here's a wrap-up of all the latest privacy news from December 2023 !