On April 27, 2023, Washington’s Governor signed Washington’s My Health, My Data Act (“WMHMDA” or “Act”). Starting March 31, 2024, most entities subject to the Act will have certain obligations towards consumer health data,[1] including providing consumers with the right to access their information, withdraw their consent to certain processing, and request the deletion

On April 27, 2023, Washington’s Governor signed Washington’s My Health, My Data Act (“WMHMDA” or “Act”). Beginning March 31, 2024, most entities subject to the Act will have certain obligations towards consumer health data,[1] including providing consumers with the right to access their information, withdraw their consent to certain processing, and request the deletion

It is important to always confirm and understand all the various requirements of laws applicable to the sensitive personal information being processed.
Continue Reading Processing Sensitive Personal Information under U.S. State Privacy Laws

Greenberg Traurig Shareholders Breton H. Permesly and Tyler J. Thompson will present the CLE webinar, “Personal Information in the Franchise Relationship,” on Wednesday, June 28 at 12:30 pm EDT. As privacy laws proliferate around the world while the value of customer personal information simultaneously increases, data has never been riskier or had

All modern privacy statutes regulate when personal information can be shared with third parties, whether those third parties are service providers, vendors, contractors, or business partners. Most modern privacy statutes recognize, however, that privacy risks are reduced when the third party is related to the organization from which the data originates. As the following chart

On April 17, 2023, the Washington State Legislature passed the “My Health My Data Act” (WMHMDA), which will take effect for most companies March 31, 2024. Unlike other modern state privacy laws that purport to regulate any collection of “personal data,” WMHMDA confers privacy protections only upon “Consumer Health Data.” This term is defined to

Greenberg Traurig is a sponsor of the Privacy + Security Forum 2023 Spring Academy May 10-12 in Washington, DC. The conference will break down the silos of privacy and security and bring together seasoned thought leaders, who will host virtual sessions and workshops designed to deliver practical takeaways for all conference participants.

Wednesday, May 10

In September 2021, Quebec’s Parliament updated its data privacy regime by passing the Act to Modernize Legislative Provisions as Regards the Protection of Personal Information, 2021 (“Law 25”). It is critical to determine whether an organization is subject to Law 25, as there are potential fines of up to 4% of an organization’s worldwide turnover.

Most of the modern state data privacy laws have attempted to exclude from their jurisdictional reach organizations that process de minimis amounts of personal information. The state statutes create different thresholds for what constitute de minimis processing base those thresholds largely on whether the organization sells personal information. The net result is that most states

Data protection authorities worldwide, including France’s Commission Nationale de l’Informatique et des Libertés (CNIL), the California attorney general (CAG), and the U.S. Federal Trade Commission (FTC), recently have indicated their intention to increase privacy enforcement efforts against mobile apps. As the digital landscape continues to evolve, data protection and privacy concerns remain