The Centers for Medicare and Medicaid Services’ (CMS) proposed reimbursements for certain telehealth services are a significant step forward for increasing access to telehealth services. The proposed revisions would benefit both providers and patients, allowing coverage for virtual visits and physician review of pre-recorded patient images and videos.
EU-US Privacy Shield Updates: Parliament Criticizes US Actions, and FTC Settlement with ReadyTech
There were two recent noteworthy developments related to Privacy Shield from both sides of the Atlantic.
California Enacts Consumer Privacy Act
The California Consumer Privacy Act’s swift passage is the result of a compromise reached between the backers of a ballot initiative and California legislators. There are similarities and differences between the Privacy Act and the European Union’s General Data Protection Regulation (GDPR) regime, but one thing that is common to both is the need for covered entities that collect or process the personal data of data subjects to understand what personal data is collected, why it is collected, how it is used, and with whom it is shared – in other words, core information governance principles.
The new law is the most comprehensive state privacy law passed to date. It will go into effect January 1, 2020 and comes on the heels of the GDPR which became effective on May 25, 2018.
Final Report on U.S. Government Policies and Public-Private Frameworks to Address Botnets, Security and Resiliency Challenges Released
This post is part of a continuing DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
The U.S. Department of Commerce and the Department of Homeland Security, through the National Telecommunications and Information Administration (NTIA), has released the final report on enhancing the resilience of the Internet and communications ecosystem against botnets and automated distributed threats.
Singapore Taekwondo Federation Fined by Personal Data Protection Commission for Unauthorized Disclosure of Minors’ Information
Singapore’s Personal Data Protection Commission recently found that the Singapore Taekwondo Federation violated Singapore’s Personal Data Protection Act (PDPA) by failing to protect minors’ personal data on its website. The PDPA was enacted in 2012 to “govern the collection, use and disclosure of personal data by organisations in a manner that recognizes both the right of individuals to protect their personal data and the need of organisations to collect, use or disclose personal data for purposes that a reasonable person would consider appropriate in the circumstances.”
Federal IT Modernization Report Recommendations
This post is part of a continuing DBR on Data series on Executive Order 13800 and updates on its implementation a year after passage.
Strengthening federal information technology (IT) has been one of the priorities of the current administration, as outlined in the May 2017 Executive Order 13800. As summarized in our previous blog, the Director of the American Technology Council (ATC) was tasked, among other things, to coordinate the preparation of a report to the president regarding modernization of federal IT infrastructure. The draft report was made available for public comment in August, and finalized in December 2017. The final report’s implementation clock started on January 1, 2018.
Continue reading “Federal IT Modernization Report Recommendations”