February 2021 Bar Bulletin
By Dominique Scalia
It has been over four and a half years since the EU passed its landmark General Data Protection Regulation (the “GDPR”), and over two and half years since it went into effect. In the United States, however, data privacy laws are a patchwork.
We have multiple federal laws governing data privacy, such as the Health Insurance Portability and Accountability Act (HIPAA), which governs the use and disclosure of individual health information; the Fair Credit Reporting Act (FCRA), which includes restrictions on dissemination of consumer financial information; and the Electronic Communications Privacy Act (ECPA), restricting access to electronic communications...