US FDA Approaches to Artificial Intelligence

Share

Artificial Intelligence (AI) can be employed in a health care setting for a variety of tasks, from managing electronic health records at a hospital, to market research at a benefits management organization, to optimizing manufacturing operations at a pharmaceutical company. The level of regulatory scrutiny of such systems depends on their intended use and associated risks.

In the U.S., for medical devices using AI, one of the key regulatory bodies is the Food and Drug Administration (FDA), especially its Center for Devices and Radiological Health (CDRH). CDRH has long followed a risk-based approach in its regulatory policies, and has officially recognized ISO Standard 14971 “Application of Risk Management to Medical Devices.” That standard is over 10 years old now, and therefore is currently undergoing revisions – some of which are meant to address challenges posed by AI and other digital tools that are flooding the medical-devices arena.

Continue reading “US FDA Approaches to Artificial Intelligence”

FTC Announces Expanded Settlement with Uber

Share

The FTC withdrew its August 2017 administrative complaint and proposed consent agreement with Uber Technologies, Inc. (Uber) and issued a revised complaint against Uber Technologies, Inc. Uber has accepted a revised proposed consent agreement which will be subject to public comment for 30 days.

Continue reading “FTC Announces Expanded Settlement with Uber”

Online Tax Preparation Service Settles with FTC for GLBA Violations

Share

The FTC reached a settlement  with online tax preparation service TaxSlayer Online for allegedly violating the Gramm Leach Bliley Act’s (“GLBA”) Privacy Rule and Regulation P as well as the Safeguards Rule.

The Privacy Rule/Regulation P requires financial institutions to provide initial and annual notices to their customers informing them about what nonpublic personal information is shared with third parties. It also provides information about how consumers can opt out of certain information sharing.  Both the FTC and the Consumer Financial Protection Bureau enforce the Privacy Rule.

The Safeguards Rule requires financial institutions to use reasonable procedures to safeguard their customers’ nonpublic information. The FTC enforces the Safeguards Rule.

Continue reading “Online Tax Preparation Service Settles with FTC for GLBA Violations”

Cybersecurity and Adware: The FTC’s Settlement with Lenovo

Share

The FTC and 32 state attorneys general announced a settlement with Lenovo Inc., one of the largest computer manufacturers, resolving allegations that Lenovo harmed consumers by pre-loading software on some laptops that compromised security protections in order to deliver ads to consumers.

The FTC’s complaint alleged that in August 2014 Lenovo began selling consumer laptops that came with preinstalled ad-injecting software known as VisualDiscovery, which was developed by Superfish, Inc.  This adware delivered pop-up ads of similar-looking products sold by Superfish’s retail partners whenever a consumer’s cursor hovered over the image of a product on a shopping website. To facilitate its injection of pop-up ads into encrypted https:// websites, Visual Discovery installed a self-signed root certificate in the laptop’s operating system, which caused consumers’ browsers to automatically trust the VisualDiscovery-signed certificates.  Digital certificates are part of the Transport Layer Security protocol that, when properly validated, serve as proof that consumers are communicating with the authentic https:// website and not an imposter.

Continue reading “Cybersecurity and Adware: The FTC’s Settlement with Lenovo”

Death, Taxes and Cybersecurity

Share

If Ben Franklin were alive today, he would add cybersecurity to his famous quote “…in this world nothing can be said to be certain, except death and taxes.”  Cybersecurity is top of mind in every organization in part because of the recent massive ransomware attacks, new federal and state regulations (including the New York Division of Financial Services’ Cybersecurity Regulation) and the upcoming effective date of the European Union’s General Data Protection Regulation (GDPR).  There is no one-size-fits-all solution for organizations that want to shore up their cybersecurity vulnerabilities, but there are a lot of useful reports and advice from federal government agencies.

Continue reading “Death, Taxes and Cybersecurity”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy