Health-related apps are widely available for smartphones and watches. There is no shortage of connected health-monitoring devices such as personal glucose and heart rate monitors.

These apps and devices read, track and record both health-related information and, by signing up for or registering the app or device, information that identifies the particular person using the app or device. Some of these apps and devices even interface with other apps or devices; for instance, syncing the calendar apps records histories like sleep cycles, heart rate or glucose levels or to forecast such as fertility cycles. The question then arises:

What protection do consumers have over the health and personal data generated by these relatively new apps and connected devices?”

The Federal Trade Commission (“FTC”) recently issued a policy statement addressing this issue and protection of the information gathered by these relatively new technologies.

Existing Framework

Privacy of health-related information gathered by providers of healthcare services or supplies — such as physician offices and pharmacies — has long been protected by the Health Insurance Portability and Accountability Act (“HIPAA”). HIPAA also contains provisions requiring healthcare providers to notify impacted individuals when HIPAA-protected data is breached or compromised and the FTC enforces those provisions.

Continue Reading FTC Addresses Privacy Concerns over Data Collected by Health-related Apps and Devices

Data privacyCurrently, there is no broad, generally applicable federal law or regulations concerning data privacy, the collection and use of data or consumers’ rights regarding same. Instead, the matter has been left to the individual states to address. California has led the charge and its data privacy laws are generally regarded as the strongest and most consumer-friendly.

2021 Florida Legislative Session

Earlier this year, the Florida legislature took up the question of online privacy and considered HB 969, the Florida Consumer Data Privacy Act. Modeled after similar legislation in California, HB 969 contained provisions that, among other things, imposed requirements on businesses that collect information from consumers via websites or apps. Specifically, such businesses would be required to inform consumers exactly what data they collect and how they use that data. Consumers would then have the opportunity to grant or deny authorization to collect and/or use that data. HB 969 also contained a provision that would have allowed consumers to sue businesses that used information without authorization.

Because of the parallels to California privacy law and the rights it would give consumers, HB 969 was a landmark piece of legislation that, in terms of data privacy, would rank Florida among the most protective states in the Union. However, HB 969 was heavily lobbied and debated as business interests did not like the potential exposure to suits from consumers relating to the use of personal data. While there was broad, bipartisan support for the bill, the Legislature could not compromise and HB 969 died on the floor on the final day of the legislative session.

Where does Florida rank?


Continue Reading Data Privacy in the USA: Where does Florida rank? Where are we heading?

Since businesses like Amazon and eBay first burst upon the scene in the mid-1990s, shopping via the Internet has grown from a quirky way to find a few items to a convenient way to purchase just about anything. As we approach the first major holiday season with people wary of exposure, travel difficulties and social distancing within families, shopping on the Internet is the preferred option for many people, including many who are not experienced online shoppers.

While shopping online instead of at the mall can certainly lower the risk of exposure to COVID, it does, however, increase the risk of exposure to other dangers, such as hackers looking for personal information, malware, and identity theft.

Safe Online Shopping Tips


Continue Reading Put personal info protection on your holiday shopping list

Rosen Hotels and Resorts, Inc. (“Rosen”) operates a number of hotel properties in the Orlando area. Rosen’s subsidiary company, Rosen Millennium, Inc. (“Millennium”) provides IT support to Rosen, including data security.

In early 2016, Rosen learned of a possible data breach involving customer credit card data. A forensic investigation located malware on the company’s payment network, which indicated a third-party had hacked into the system and determined that customer credit cards used between September 2014 and February 2016 may have been compromised. In March 2016, Rosen notified potentially impacted customers of the data breach.

Duty to Defend


Continue Reading Federal Court Clears Travelers of Liability in Hotel Data Breach Lawsuit

Hands Holding Digital Tablet Database Hacked

Guest post by John Miller, Esquire, Stockholder in Henderson Franklin’s Tort & Insurance Litigation Group

Regardless of the economic or political climate, there never seems to be a decline in tort lawsuits. Be it personal injury claims, employment suits, or professional liability cases, 2017 promises to be another busy year for insurance defense litigators.

Data Security – Data Breaches


Continue Reading Tort Trends for 2017: Protect Yourself in the New Year