Misc Items Flashcards
Cable Communications Privacy Act of 1984
CCPA- regulates required notice of cable TV providers, once at start of service and annually thereafter.
You can request opt-out, but exceptions are:
- legit business activities
- court order
- Name and address only
FCC, FTC
Communications Assistance to Law Enforcement Act of 1994
CALEA, Digital Telephony Bill.
- requires communications companies to design products to allow for lawful government access (wiretaps, etc)
As of 2005, includes internet.
FCC, FTC
CAN-SPAM Consent to Share Requirements
“Express Prior Authorization”- must be an affirmative OK, like a checkbox or button. It can be written, oral, or digital, but there must be a record of it.
CAN-SPAM email requirements
- No false or misleading headers
- clear, working return email address
- clear opt-out without cost
- don’t send to those who have unsubscribed (10 day grace period)
- no aggravated actions, like address harvesting
- pornographic content must have a warning label
Now covers texts, too
Cybersecurity Information Sharing Act of 2015
CISA- federal government can share unclassified, technical data with companies about attacks/breaches, as well as how to defend against them.
No consent needed. PI must be removed.
DHS, DOJ
Electronic Communications Privacy Act of 1986
Collective name of ECPA and Stored Wire Electronic Communications Act, which updates the Federal Wiretap Act.
Protects communications when made, in transit, and stored on computers.
Only one party (provider exception) needs to consent to share.
Comprehensive Alcohol Abuse and Alcoholism Prevention, Treatment, and Rehab Act of 1970
Must have written patient consent to share these types of medical records. Covers any program receiving federal funding.
Exceptions:
- medical emergency
- research
- audits, evaluations
- crimes on premises
- child abuse
- court order
- for the organization to provide services
Often in parallel with HIPAA.
AG.
FERPA vs. HIPAA
HIPAA doesn’t cover a school if FERPA covers them. This is generally a public-funded school with a nurse on staff.
FERPA does NOT apply to private schools, so HIPAA would cover them.
College health centers treating only students = FERPA
College health centers treating students and staff = FERPA for students, HIPAA for staff
5th Amendment
No self-incrimination, which is often interpreted to mean you have a right to privacy in some situations
GINA- what agencies enforce it?
EEOC - Title II (employment discrimination)
DOL, HHS, Treasury- Title I (genetic info in health insurance)
Junk Fax Prevention Act
Created the EBR exception in TCPA. Faxes must have a clear opt out.
FTC, FCC, TCPA
21st Century Cures Act of 2016
It’s OK to give researchers health data to “expedite research.”
Provisions:
- OK to view data remotely in compliance with HIPAA
- must have certs of confidentiality
- can’t block pharma’s access to the data
- no personal info
FDA
PATRIOT ACT, Section 215
“Library Records” provision and “Tangible Things” provision: allows FBI director to apply for an order to produce materials that assist in investigations against terrorism.
- things like books, papers, records
Only FISA and magistrate judges can grant it. Does NOT need to say why it was granted!
USA FREEDOM Act of 2015
Modified Patriot Act:
- puts some restrictions on bulk collection, following Snowden
- restored roving wiretaps for terrorist tracking
Privacy Protection Act of 1980
PPA- gives the media extra protection from government searches in criminal investigations.
Based on the 1978 case Zurcher v. Stanford Daily, where police used a warrant to look through unpublished photos of a demonstration to find a suspect. SC said this was OK as long as there was a strong case that evidence would be found. Still requires warrant or subpoena.