A breach at health care company, Kaiser Permanente exposed the data of ~13.4 million past and present customers who are now being notified by the company of the event. The company clarified the information was shared with other organizations inadvertently, rather than having been hacked or sold, and the company is both investigating the data situation and looking at how to guard against future problems.
The Biden administration affirmed the HIPAA Privacy Rule to Support Reproductive Heath Care Privacy. This rule supports women’s privacy by barring doctors and health plans from having to disclose health information about abortions to state officials. The objective is to ensure that information about “legal reproductive care” remains confidential and can’t be collected by state officials for criminal investigation and other use.
Narrow, but interesting for auto privacy buffs is a new law Utah is enacting – the Utah Motor Vehicle Data Protection Act. This states that car brand companies (franchisors) cannot force car dealerships (their franchisees) to provide access to consumer data held in the dealer data systems. The law does not incorporate protection of data the cars can generate, nor data that can be obtained via devices people connect to their cars.
A Florida district judge has dismissed a lawsuit brought by tech industry associations challenging a new law designed to restrict minors’ use of social media. The judge said the associations, whose members include Meta, Google, and YouTube, had not shown the law would apply to them. He said they could refile the suit with evidence that it would.