Antikickback Statute and Stark Law: The Anti-Kickback Statute (AKS) is a federal law that prohibits the exchange of any form of remuneration to induce or reward referrals for services or items paid by federal healthcare programs like Medicare and Medicaid. The Stark Law, also known as the Physician Self-Referral Law, specifically prohibits physicians from referring Medicare patients for certain designated health services to entities with which they (or an immediate family member) have a financial relationship.
COPPA: The Children’s Online Privacy Protection Act (COPPA) of 1998 protects the privacy of children under 13 years old online. It mandates that websites and online services aimed at children or collecting data from children obtain parental consent before gathering personal information.
EU Cookie Law / ePrivacy Directive: This EU law requires websites to obtain user consent before storing or accessing information on their devices through cookies or similar technologies.
FCRA: The Fair Credit Reporting Act (FCRA) is a federal law enacted in 1970 to protect consumers’ information in their credit reports. It ensures the accuracy, fairness, and privacy of information in the files of consumer reporting agencies. The FCRA gives consumers the right to access their credit reports, dispute inaccurate information, and be informed if information in their file has been used against them, among other rights.
FERPA: The Family Educational Rights and Privacy Act (FERPA) is a federal law enacted in 1974 to protect the privacy of student education records. It grants parents certain rights regarding their children’s educational records, including the right to inspect and review records, request corrections, and control disclosures of personal information.
GDPR: The General Data Protection Regulation (GDPR), implemented in 2018, is a comprehensive data protection law in the European Union. It grants individuals greater control over their personal data and sets stringent requirements for organizations collecting, storing, and processing that data. It includes rights such as data access, correction, and erasure, and mandates transparent data handling practices.
GLBA: The Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act of 1999, requires financial institutions to explain their information-sharing practices to their customers and safeguard sensitive data. It mandates that these institutions have privacy policies to protect customer information from unauthorized access and fraud.
HIPAA and Health Care Privacy Laws: The Health Insurance Portability and Accountability Act (HIPAA) of 1996 protects the privacy and security of individuals’ protected health information.
Illinois BIPA: The Illinois Biometric Information Privacy Act (BIPA) of 2008 mandates businesses to get explicit consent from individuals before collecting, storing, or using their biometric data, like fingerprints or facial recognition. It also requires companies to outline a clear retention schedule and guidelines for permanently destroying biometric data.
Part 2 42 CFR Part 2 protects the confidentiality of substance use disorder patient records.
TCPA: The Telephone Consumer Protection Act (TCPA) of 1991 aims to safeguard consumers from unwanted telemarketing calls, faxes, and pre-recorded messages.
Video Privacy Protection Act: The Video Privacy Protection Act (VPPA), enacted in 1988, is a federal law designed to protect the privacy of individuals’ video rental and purchase records. It restricts video service providers from disclosing personally identifiable information about their customers without consent.