Washington’s My Health My Data Act – A Roadmap for…

Washington’s My Health My Data Act – A Roadmap for Compliance

Introducing a new tool to check whether Washington’s My Health My Data Act applies to you!
The act creates a host of new requirements for companies that deal in consumer health data—particularly around disclosure, use, sale, and consumer access.
It designates certain subject companies as “regulated entities” who must comply by March 31 and other companies as “small business” who must comply by June 30.
Unlike most U.S. state privacy laws, violations can be enforced through a private right of action, but plaintiffs must prove damages. That can be tough, but plaintiffs’ attorneys may nonetheless try and extract low-value settlements from companies that have obvious compliance issues.
The law also empowers the Washington attorney general to bring enforcement actions against noncompliant companies.

MHMDA aims to provide stronger privacy protections for “consumer health data” by:

Requiring additional disclosures for the collection, use, and sharing of consumer health data
Restricting the use of consumer health data to what is necessary to provide a consumer requested service unless the consumer provides their consent or a written authorization for additional processing
Giving consumers the right to access and delete their consumer health data and withdraw their consent for collection and sharing
Prohibiting the sale of consumer health data without a valid authorization signed by the consumer
Prohibiting certain uses of a geofence around a facility that provides health care services

Continue reading here.

Frequent Searches