Lexology July 27, 2023
Baker McKenzie

In brief

So far this year, three US states have passed laws with specific obligations related to consumer health privacy law: Washington, Connecticut, and Nevada. When it comes to California, the omnibus California Consumer Privacy Act (CCPA) applies also to the processing of health information. But, if the sectoral Confidentiality of Medical Information Act (CMIA) applies and is complied with, CMIA, and not the CCPA, applies. Most companies that do business in California are subject to CMIA, because the law applies to employers. Also, any business that offers software or hardware, including a mobile application, that enables a consumer to manage medical information must comply with CMIA.

Under CMIA, companies are prohibited from disclosing or using California residents’ medical information...

Today's Sponsors

Venturous
Got healthcare questions? Just ask Transcarent

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, Healthcare System, Privacy / Security, Regulations, States
Related Articles:
Patient Privacy at Risk: The Hidden Flaws in Healthcare Data De-Identification (And How to Fix Them)
New privacy screen protectors launched to help practices stay HIPAA compliant
2024 Privacy, AI & Cybersecurity Year in Review
European Commission Withdraws Draft Rules on Technology Patents, AI Liability and Consumer Privacy
EU pulls back – for the moment – on privacy and genAI liability compliance regulations

Share This Article