The DATA Privacy Act would require companies that collect health and genetic information from more than 3,000 people annually to retrieve consent from the individuals generating the data. Additionally, the legislation would allow consumers to request, dispute the accuracy of, and transfer or delete their data without a price or service penalty.
Consent from consumers will be required in two circumstances. Consumers must opt in for businesses to collect or disclose sensitive data, such as genetic, biometric and location information. Consumers must also opt in for businesses to disclose consumer data outside of the their relationship with the consumer.
“From my time as Nevada’s attorney general, I’ve fought for consumers who’ve been harmed by data breaches at major companies and defrauded by scammers who stole their data,” Ms. Cortez Masto said in a news release. “This bill requires companies put data protection and transparency first, while also requiring Congress and our government agencies step up to make the private data of consumers in Nevada, and across the country, a priority for protection.”
More articles on cybersecurity:
13 healthcare privacy incidents in February
Montana hospital reports medical records room break-in
IBM: Cybercriminals abandon ransomware for ‘cryptojacking’