On September 25, 2020, California Governor Gavin Newsom signed into law amendment AB 713 to the California Consumer Privacy Act (CCPA), which “addresses inconsistencies between data protection afforded under the Health Insurance Portability and Accountability Act of 1996 (‘HIPAA’) and the CCPA.”
A few key elements included in amendment AB 713 include: the “de-identification” of information under the CCPA will follow the standards contained in HIPPA; companies regulated by the CCPA cannot “re-identify de-identified” information, except in specific instances; and companies that sell and/or share de-identified information must update CCPA privacy policies to disclose to consumers the method by which data was de-identified. The amendment went into effect on September 30, 2020.
