California passed Assembly Bill (AB) 2089, which amends the Confidentiality of Medical Information Act (CMIA) to include mental health application information under the definition of medical information. Under the revisions to CMIA, mental health application information is defined as information related to a consumer’s inferred or diagnosed mental health or substance use disorder, as
Jason C. Gavejian
California Consumer Privacy Act FAQs: Employment Information
1. What’s changing?
Under the current version of the California Consumer Privacy Act (“CCPA”), an employer’s obligations related to the personal information it collects from employees, applicants, and contractors residing in California (collectively, “Employment Information”) are relatively limited. Specifically, it needs to (1) provide those individuals a “notice at collection” that discloses the categories of…
California Adopts Law that Seeks to Protect Children’s Online Privacy
California’s Governor signed Assembly Bill (AB) 2273, the first of its kind state legislation that requires businesses that provide online services, products, or features likely to be accessed by children to comply with specified standards.
Read the full article at Jackson Lewis’ Workplace Privacy, Data Management & Security Report.
California Expands Privacy and Security Requirements for Genetic Data
With health-related data and how to protect it at the forefront of discussion since the start of the COVID-19 pandemic, this week California Governor Gavin Newsom signed into law two bills related to genetic data. First, AB 825, will expand the definition of personal information to include genetic data, for data breach notification requirements…
California Passes Prop 24: Here Comes CCPA 2.0
It goes without saying that November 3rd 2020 was an important day for the future of the nation, but it was also a significant day for the future of California privacy law. On Tuesday, a strong majority of California voters supported Proposition 24, a ballot measure which aims to expand and enhance the …
California Governor Newsom Signs into Law Extension to CCPA Employee Personal Information Exemption, Vetoes Another Privacy Bill
On September 29th, California Governor Gavin Newsom signed into law AB 1281, an amendment to the California Consumer Privacy Act (“CCPA”) that would extend the current exemption on employee personal information from most of the CCPA’s protections, until January 1, 2022. The exemption on employee personal information was slated to sunset on December…
California Consumer Privacy Act FAQs for Covered Businesses
Set to take effect January 1, 2020, the California Consumer Privacy Act (CCPA), considered one of the most expansive U.S. privacy laws to date, places limitations on the collection and sale of a consumer’s personal information and provides consumers certain rights with respect to their personal information.
Organizations should be doing their best to determine…
Does the CCPA Apply to Your Business?
The California Consumer Privacy Act (CCPA), considered the most expansive U.S. privacy laws to date, is set to take effect January 1, 2020. In short, the CCPA places limitations on the collection and sale of a consumer’s personal information and provides consumers certain rights with respect to their personal information. Wondering whether they will…
California Consumer Privacy Act: FAQs for Employers
Data privacy and security regulation is growing rapidly around the world, including in the United States. In addition to strengthening the requirements to secure personal data, individuals are being given an increasing array of rights concerning the collection, use, disclosure, sale, and processing of their personal information. Meanwhile, organizations’ growing appetite for more data, and…
California May Lower the Standing Threshold in Data Breach Litigation
A key issue for any business facing class action litigation in response to a data breach is whether the plaintiffs, particularly consumers, will have standing to sue. Standing to sue in a data breach class action suit, largely turns on whether plaintiffs establish that they have suffered an “injury-in-fact” resulting from the data breach. Plaintiffs…