Privacy & Cybersecurity Law Blog

On October 12, 2022, the UK Information Commissioner's Office (“ICO”) launched a public consultation on its draft guidance on employers’ obligations when monitoring at work (“Draft Guidance”). In addition, the ICO has published an impact scoping document, which outlines some of the context and potential impacts of the Draft Guidance (“Impact Scoping Document”).

Over the last two years, courtesy of a once-a-century pandemic, government-mandated business closures, nationwide stay-at-home orders, and—unprecedented—disruptions to the global supply chain have illuminated, previously unknown, vulnerabilities across a whole host of industries. Would anyone have seriously questioned the viability of office space two years ago? Now, inflation, in keeping with the recent chaos, may be upending the viability of another tried-and-tested institution: the supply contract.

The FTC, through the Department of Justice, has entered a settlement with two companies and the joint corporate President for falsely claiming that the LED lighting products and personal protective equipment (PPE) they sold were “Assembled in the USA,” “Buy American Act Compliant,” “Manufactured in the USA” and “100% Made in the USA,” despite having been imported from China. According to the FTC’s complaint, the defendants, Axis LED Group, LLC, ALG-Health LLC and Adam J. Harmon, went so far as to peel “Made in China” stickers off the products and replace them with Made in USA labels. The FTC had previously investigated and warned the companies, and received assurances that they would remove unqualified Made in USA claims from their marketing materials. The defendants subsequently were investigated by the National Institute for Occupational Safety & Health (NIOSH) over safety superiority claims for their KN95 masks.

On June 13, 2022, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) released guidance to help covered entities understand how they can use remote communication technologies for audio-only telehealth in compliance with the HIPAA Privacy and Security Rules (the “Guidance”). Specifically, the Guidance clarifies how audio-only telehealth can be conducted after OCR’s Notification of Enforcement Discretion for Telehealth (the “Telehealth Notification”), put in place during the COVID-19 pandemic, is no longer in effect.