[ Tuesday, June 21, 2005 ]


Interesting California preemption case: Well, "interesting" if you are into this type of thing. This isn't HIPAA, but rather relates to the interaction between the federal Fair Credit Reporting Act and California's landmark 2003 consumer privacy law. The California law allowed individuals to prevent banks from selling their personal data to affiliates that are in a different line of business. The basic activity in question is when, say, Citibank sells a customer's data to Travelers, so that Travelers can target the customer for possible insurance needs. While the lower federal court upheld the California law, an appeals court said the federal law (which allows financial institutions to sell the information to related entities if certain protections are in place) preempted at least that part of the California statute. The federal law still requires banks to get permission to share with non-affiliated entities, and they must allow consumers to opt out before sharing with joint-marketing groups.

Story is here, case is here.

Jeff [10:07 AM]

Comments: Post a Comment
http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template