Data Subjects Part 2: US

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

3 hours 39 minutes
Video Transcription
Welcome to module 3.14 data subjects, us or United States.
In this module we will explore various U. S. Laws and how they impact data subjects will also explore various state laws and how they impact data subjects.
So U. S. Federal laws and functions that impact data subjects Federal Credit Reporting Act or the F. C. R. A. The health insurance Portability and accountability act, otherwise known as hip hop,
controlling the assault of non solicited *** and marketing. The can spam
Privacy Act of 1974. The Freedom of Information Act or Foia
Or the Cares Act of 2000, which came out as a result of the COVID pandemic has various privacy elements baked into it as well.
Now you're probably thinking
Mr Sasi at this point you've lost your mind. But I have a reason. We have a hippo on the screen here.
It's something that I know a lot of uh it's an inside type of joke with a lot of privacy professionals is that we talk of hipaa
uh the acronym itself is sometimes misspelled and that can certainly uh
cast doubt sometimes on knowledge and we talk about how grammar matters in business writing and things like that like that. But that certainly is the case with privacy
laws and acts and regulations and so forth. So making sure you get the acronyms correct is certainly important. And one tip I have here is HIPPA is not a hippo. So that is a reminder that there is two aces in hip hop not to peace. There are two A. So just keep that in the back of your mind
for those of you who are in the United States are working with patients in the U. S. That you have to protect their uh their their P. H. I. Or their P. I.
Some of the state laws that impact data subjects, the California consumer privacy act of the CCP. A. The California shine the light law. The California online eraser law, the California Online Privacy Protection Act. In the Delaware Online Privacy Act, as well as the Illinois biometric information privacy Act or the V. I. P. A. Are just some of the examples of some of the state laws you will see
that are out there to protect data subjects. And it's important to note that California has certainly taken the lead among the states here in the U. S. As it pertains to protecting the privacy of data subjects. And in fact with CCP A coming out after the very famous G. D. P. R. Which we'll discuss in the next module
uh in regards to data subjects. They they've taken a lot of the spirit of the G. D. P. R.
Into California.
And I think that uh in many professionals will agree that a lot of the states that are more progressive will certainly have uh additional or state laws that regulations that will certainly impact data subjects
uh this next decade. So other states such as new york recently had a
a bill that was introduced and and that did not go through but that that's something we're likely will eventually go through. That's going to be similar to the provisions that you see in the C. C. P. A.
Some U. S. Privacy program considerations in regard to data subjects, just know the enforcement agency you're dealing with. Uh you know bring up the FTC is a common one, the Federal Trade Commission uh you know the docs or Department of Health and Human Services in regard to hip hop, it's important to know the enforcement agency and going back to the resources
for for your training and your education awareness programs. It's important to be able to know what type of resources are out there and what type of list you may have to be a part of. And in order to get the most updated and current information, uh, identify the reporting requirements.
Understand fines for non compliance is important, especially as it pertains to your risk profile.
Identify when consent is required is also something that's important. And as always I bowled here legal counsel, many in the privacy professional community. They are attorneys. However, some of us are not. So it's important to make sure you work directly with your legal counsel or outside counsel
with an attorney who has specialist knowledge
of these laws.
the health insurance blank and accountability
Act of 1996 regulates the use and disclosure of protected health information or ph I
is a protection portability or program.
May I let the cat out of the bag a little bit on that one? But portability is the correct answer. It is not.
Protection protection is certainly part of it with the security rule for those who are going through the uh information privacy basics course, especially here in the US. You'll learn all about hip hop. Um,
but but really the spirit of that act is to allow individuals to have their information be portable so they can go for one provider to another uh in in a secure fashion.
So in this module, we discussed various federal regulations and laws that impacted data subjects in the US. And we also discussed various state regulations and laws that impact data subjects in the U. S.
Up Next