On September 25, 2020, California Governor Gavin Newsom signed into law California AB 713, which amends the California Consumer Privacy Act (CCPA) to except from its requirements certain health information, including information that has been de-identified in accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The bill’s enactment eases some of the CCPA compliance challenges experienced by the health care and life sciences industries by more closely aligning the CCPA with HIPAA and other laws governing human subjects research. The new law also amends the CCPA to except all business associates to the extent that they maintain, use or disclose patient information in the same manner as protected health information under HIPAA.
CCPA Amendment Update: California Legislature Approves Exceptions for HIPAA De-Identified Information and Other Health Data
By Daniel F. Gottlieb and Deepali Doddi on October 22, 2020
