Aggressive Washington Health Privacy Law: Ten Compliance Priorities

Washington’s new My Health My Data Act (MHMD) imposes requirements on a wide array of companies that have had little or no prior involvement with HIPAA – and the law will be a litigation launch pad by establishing a private right to sue. The MHMD’s sweeping definitions for a new class of consumer health data and its unclear interaction with the patchwork of other states’ comprehensive privacy laws will make compliance challenging. This article, part two in a series examining the pioneering law, presents recommended compliance priorities from experts at Clark Hill, Hintze Law, Frankfurt Kurnit, Husch Blackwell and WilmerHale, including considerations for data subject rights, a separate privacy notice and novel geofencing restrictions. Part one looked at the law’s key impacts and broad definitions. See  “Understanding and Implementing Privacy Audits” (Nov. 30, 2022).

To read the full article

Continue reading your article with a CSLR subscription.