According to recent guidance from the US Federal Trade Commission (FTC), providers of health apps and connected devices that collect consumers’ health information must comply with the FTC’s Health Breach Notification Rule, 16 CFR Part 318, and therefore are required to notify consumers and others when their health data is breached.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
It has become increasingly clear that improving cybersecurity will be a main focus, and important goal, of the Biden-Harris administration.
With high-profile ransomware attacks occurring over the last few months, cybersecurity is back on the agenda in Washington, DC. We invite you to an upcoming webinar during which Morgan Lewis partners Ezra Church, Kristin Hadgis, and Daniel Skees will review recent actions taken by the Biden-Harris administration to address cybersecurity threats to critical infrastructure and to enhance the protection of sensitive data. They will also consider how the administration’s approach could affect future regulatory initiatives.
The United Kingdom’s Digital Regulation Cooperation Forum (DRCF) on March 10 announced in its 2021–2022 workplan that the UK Financial Conduct Authority (FCA) will join as a full member from April 1, 2021.
The US Department of Justice (DOJ) announced on January 13 that it had completed its review of a proposed joint patent licensing pool known as the University Technology Licensing Program (UTLP) of 15 participating universities. The DOJ concluded that the UTLP was unlikely to harm competition and would benefit licensees and the public to the extent that the UTLP would make it easier to commercialize inventions that may be currently unlicensed or underutilized.
The Internet of Things Cybersecurity Improvement Act of 2020 was signed into law on December 4, resulting in the first federal regulation of the Internet of Things (IoT).
Companies developing digital therapeutics, clinical decision support apps, and other digital health technologies for use in the coronavirus (COVID-19) pandemic should be mindful of FDA’s quickly evolving policies and guidance affecting such technologies. In our recent LawFlash, FDA Regulation of COVID-19 Apps, Digital Therapeutics, and other Digital Health Technologies, we examine recent FDA developments and their implications for companies in the digital health space.
The Business Software Alliance (BSA) recently endorsed principles for building trust in the Internet of Things (IoT), highlighting the need for a risk-based approach that (1) accounts for the various components, capabilities, users, environments, life cycles, and complexities of the IoT ecosystem, and (2) engages the corresponding stakeholders. Given the near boundless opportunities—and risks—deriving from its connectivity, a connected device should not be designed and managed in isolation.
In a recent Wall Street Journal article, cybersecurity journalist Catherine Stupp drew attention to the massive surge in internet-connected devices expected to be in use by the end of 2020.