Posts containing Cartoons by Professor Daniel J. Solove for his blog at TeachPrivacy, a privacy awareness and security training company.
This HIPAA cartoon involves the notice of privacy practices (NPP) under HIPAA. HIPAA has a set of detailed requirements for the NPP. See 45 CFR 164.520 for the text of HIPAA’s requirement for NPPs. The biggest challenge regarding privacy notices is that hardly anyone actually reads the notice, and notices are often a chore to read. There is […]
This HIPAA cartoon involves confidentiality. There are countless cases of misdirected PHI that is emailed or faxed to the wrong people. I recently created a new short course on HIPAA Confidentiality. You can learn more about it here. HIPAA Resources HIPAA Training Courses HIPAA Training Guide HIPAA Training Requirements FAQ HIPAA Whiteboard HIPAA Resources […]
This cartoon is about consent under the GDPR. Under the GDPR Article 6, consent is one of the six lawful bases to process personal data. Article 7 provides further guidance about consent, including the data subject’s right to withdraw consent. The meaning of what “consent” requires is most thoroughly stated in Recital 32: Consent should […]
Here’s a new HIPAA cartoon. This cartoon is about protected health information (PHI). In the HIPAA regulations, the definition of PHI is quite complicated, as it is splintered into at least three separate parts that appear in HIPAA’s definitions section. Pursuant to HIPAA, 45 CFR 160.103: Health information means any information, including genetic information, whether oral or recorded […]
The privacy world has been abuzz with the passage of the California Consumer Privacy Act of 2018. In June 2018, within just a week, California passed this strict new privacy law. Some commentators have compared it to the GDPR, but it is a much more narrow law and is a far cry from the GDPR. […]