The Senate Health, Education, Labor and Pensions Committee recently passed the Opioid Crisis Response Act of 2018 (OCRA) – a bipartisan package of more than 40 proposals designed to help families and entire communities affected by the nation-wide opioid crisis.
Continue reading “Continued Special Privacy Treatment for Substance Use Disorder Information”
The Securities and Exchange Commission (SEC) announced its most significant case ever filed against a respondent for one of the world’s largest data breaches. Albata, Inc., f/d/b/a Yahoo! Inc., (“Yahoo”) settled with the SEC to charges of violating Section 17(a)(2) and 17 (a)(3) of the Securities Act of 1933 (“Securities Act”), amongst other charges, and agreed to various remedies, including a $35 million penalty.
Continue reading “SEC Cyber Unit Brings Groundbreaking Data Breach Case”
Assistant Attorney General of the U.S. Department of Justice (DOJ), Antitrust Division, Makan Delrahim recently spoke at the University of Chicago’s Antitrust and Competition Conference and discussed how U.S. antitrust law should treat “big data.” According to Delrahim, antitrust law is “flexible enough to address competition issues from emerging platforms,” including large tech companies like Google and Facebook that possess significant market share within their lines of business and simultaneously aggregate vast sums of personal data from consumers.
The Senate officially confirmed the five nominees to the Federal Trade Commission on April 26. As noted in previous blogs, Joseph Simons will become the new chairman and Joshua Phillips, Rebecca Slaughter and Rohit Chopra will join the Commission immediately.
Continue reading “Senate Confirms All Five Nominees to the FTC”
The Sedona Conference®, a nonprofit research and educational think tank dedicated to the advanced study of law, particularly in information governance, has released its Incident Response Guide , open for public comment through June 19, 2018. Drafted by Working Group on Data Security and Privacy Liability (WG11), the guide is meant to serve as a practical resource for practitioners dealing with the legal, technical, and policy issues related to data-related incidents – from distributed denial-of-service to ransomware attacks.
Artificial Intelligence (AI) can be employed in a health care setting for a variety of tasks, from managing electronic health records at a hospital, to market research at a benefits management organization, to optimizing manufacturing operations at a pharmaceutical company. The level of regulatory scrutiny of such systems depends on their intended use and associated risks.
In the U.S., for medical devices using AI, one of the key regulatory bodies is the Food and Drug Administration (FDA), especially its Center for Devices and Radiological Health (CDRH). CDRH has long followed a risk-based approach in its regulatory policies, and has officially recognized ISO Standard 14971 “Application of Risk Management to Medical Devices.” That standard is over 10 years old now, and therefore is currently undergoing revisions – some of which are meant to address challenges posed by AI and other digital tools that are flooding the medical-devices arena.
Continue reading “US FDA Approaches to Artificial Intelligence”
