U.S. Congressman Cicilline (D-RI) has announced  his intent to introduce legislation “that tightly restricts the use of personal, online consumer data that is often used to ‘microtarget’ voters with misleading ads.” According to his release, the legislation will be titled the “Protecting Democracy from Disinformation Act” and has the following elements: 

• Restricts Microtargeting: Only allows advertisers and online platforms to use age, gender, and location when targeting political ads. 

• Improves Transparency: Requires disclosure and reporting on who paid for an ad, how much it cost, whom an ad is aimed at, and who saw the ad.

• Holds Online Platforms Accountable: Provides enforcement through the Federal Election Commission’s existing authority, a private right of action, and criminal penalties for online platforms and ad intermediaries that knowingly and willfully violate the Act.

Expect issues such as microtargeting and others to come to the forefront as we enter in the election season of 2020. 

Lanton Strategies; a segment of Lanton Law works to help advance our clients interests before both legislative and regulatory bodies on the state and federal levels. We use sources from the Hill, state houses, agencies, markets and trade associations, to inform our clients and achieve proactive results. Let us know how either our government affairs services or legal services can help you achieve your priorities. 

Apple and Google have announced their partnership to enable Bluetooth technology to help interested stakeholders such as healthcare agencies and governments to fight COVID-19. The announcement describes the tech companies’ intent of “releasing draft documentation for an Exposure Notification system in service of privacy-preserving contact tracing.” The most important thing to note is that the companies will not be building contact tracing apps but will be providing tools around a unified programming interface that will allow these aforementioned stakeholders to create their own contact tracing applications. And while this partnership and others like it are a much needed resource during our fight against COVID-19, privacy concerns with how these companies are using our information loom in the background. 

So what is contact tracing? It can come in two forms. The first form is human to human tracing, which is described in the Centers for Disease Control and Prevention’s (CDC) list of core principles. 

• Contact tracing is part of the process of supporting patients with suspected or confirmed infection.

• In contact tracing, public health staff work with a patient to help them recall everyone with whom they have had close contact during the timeframe while they may have been infectious.

• Public health staff then warn these exposed individuals (contacts) of their potential exposure as rapidly and sensitively as possible.

• To protect patient privacy, contacts are only informed that they may have been exposed to a patient with the infection. They are not told the identity of the patient who may have exposed them.

• Contacts are provided with education, information, and support to understand their risk, what they should do to separate themselves from others who are not exposed, monitor themselves for illness, and the possibility that they could spread the infection to others even if they themselves do not feel ill.

• Contacts are encouraged to stay home and maintain social distance from others (at least 6 feet) until 14 days after their last exposure, in case they also become ill. 

As you can see this is a very specialized skill that needs to be timely executed to prevent further spread of disease. 

According to the CDC digital tracing on the other hand is another set of tools that can be used to “expand the reach and efficacy of contact tracers.” This is what we are seeing from the Apple-Google partnership, as well as other applications (apps) that we see flooding the market in an effort to provide additional tools to combat COVID-19. 

Digital contact tracing can theoretically be more efficient because it doesn’t rely on memory, but requires user cooperation where people would have to download the relevant apps on their phones. In order for something like this to have an almost “real time” effect, a large number of people would have to adapt to this technology. Are we as a society ready for this? While emergencies like this would seem like the answer would be a common sense “yes” there are a lot of other issues at play such as are positive alerts to a user accurate and will a user’s information be protected? A great example of user worry could come in the form of potential genetic discrimination of which we wrote a prior blog post.  

To date the skepticism of technology companies being able to use healthcare data has been rampant. For example, several industry stakeholders were surprised by the Wall Street Journal’s (WSJ) article  that Google has been working since 2018 on a "secret" project involving patient data with Ascension, the St. Louis-based nationwide health system. 

Project Nightingale would involve having Google be provided with millions of health records of U.S. citizens, which has prompted a recent follow up letter by three U.S. Senators to gain additional insight into the project’s specifics. Facebook has a new tool called Preventive Health that seeks to “connect people to health resources and checkup recommendations from leading health organizations.” And while Microsoft launched Microsoft Cloud for Healthcare; whose program applies “flexible capabilities to power individualized experiences, improve team collaboration, and unify data to unlock real-time insights,” demonstrates that while technology and healthcare are merging, the need for addressing privacy concerns remains at the forefront. 

We need all the tools we can get our hands on during this difficult struggle against COVID-19, especially when it comes to digital contact tracing. There is no doubt that we need the efficiencies that technology has to offer. The potential is there, but there has to be buy in from a majority of people in order for this to work. Not only do we have to continue to work to ensure that everyone has access to smartphone technology, but we have to put some additional “safety checks” in place to ensure that ‘anonymized’ aggregated data isn’t sold, that sensitive protected health information (PHI) is guarded and the proper laws/regulations are put in place so that we can learn from the painful lessons that COVID-19 has taught thus far. 

We are honored to have worked with STACK for Pharmacy on a great and timely webinar titled “The New Concerns of a Digital Workplace. COVID-19 has changed the way that we work, communicate and transfer information and finances. We discuss the early trends of what we are seeing from a transitioning marketplace.

Click here to access the webinar

STACK will be teaming up with Lanton Law to do an April 22, 2020 webinar at 1:00 PM EST titled “The New Concerns of a Digital Workplace.” Join Jonathan Ogurchak, Founder & CEO of STACK and Ron Lanton III, Esq, Principle of Lanton Law to discuss the following:

Challenges facing healthcare organizations with a rapid deployment to “work from home” environments

Considerations to ensure ongoing compliance and ensure appropriate use

Future areas for advancement related to the “new normal” organizations are likely to face

Click here to register

As organizational needs evolve right now, businesses are looking for innovative ways to become efficient and manage risks. 

For years our team at Lanton Law have been helping businesses around the country remotely with a variety of transactional needs. 

Legal services include but not limited to:

• Contract drafting, review and negotiation

• Due diligence in transactional matters

• Change of ownership

• Corporate governance matters

• Employment matters

• Privacy and data security 

• Leases

• Business strategy and growth objectives

• Day to day operational matters

• Litigation readiness and response

• Pre-litigation dispute resolutions such as arbitration and mediation

• Regulatory compliance 

• Acquisition due diligence/transfer of ownership

• Payor network access   

Additionally, our government affairs services include:

• Federal and state lobbying

• Strategic consulting

• Bill composition/bill check service

• Submitting regulatory comments

• Regulatory monitoring

U.S. Senator Kirsten Gillibrand (D-NY) has announced the creation of new legislation titled the Data Protection Act. According to the Senator’s press release, the bill would create “the Data Protection Agency (DPA), an independent federal agency that would protect Americans’ data, safeguard their privacy, and ensure data practices are fair and transparent. 

The DPA will have the authority and resources to effectively enforce data protection rules—created either by itself or congress—and would be equipped with a broad range of enforcement tools, including civil penalties, injunctive relief, and equitable remedies. The DPA would promote data protection and privacy innovation across public and private sectors, developing and providing resources such as Privacy Enhancing Technologies (PETs) that minimize or even eliminate the collection of personal data. The U.S. is one of the only democracies, and the only member of the Organization for Economic Co-operation and Development (OECD), without a federal data protection agency.”

The proposed bill will have three core missions:

• Give Americans control and protection over their own data by creating and enforcing data protection rules

• Maintain the most innovative, successful tech sector in the world by ensuring fair competition within the digital marketplace

• Prepare the American government for the digital age

Governmental oversight into data is showing no signs of slowing down. Gone are the days where you don’t have to worry about regulations in order to operate. If you are a healthcare, technology and financial services stakeholder, data privacy will be the most important issue to overcome within the next 10-20 years. Ensuring against breaches of personally identifiable information (PII), protected health information (PHI), personally identifiable financial information (PIFI), and other sensitive data will be key to compliance, trust and market competitiveness. Contact Lanton Law so that our experts can use their advocacy and legal services to help you prepare and succeed in a more interconnected world.   

In November 2019, we published a blog post titled More Data Oversight on the Horizon that discussed increasing Congressional oversight over data privacy, while highlighting the importance of the Online Privacy Act of 2019. 

In preparation for 2020, Lanton Law is forecasting that it is more likely than not that some form of federal privacy legislation will become law in 2020. One proposed legislative candidate for privacy in 2020 is the Consumer Online Privacy Rights Act (COPRA). This bill is sponsored by Senator Cantwell (D-WA).

According to Senator Cantwell’s press release, the Act otherwise known as S.2968 “establishes privacy rights, outlaws harmful and deceptive practices, and improves data security safeguards for consumers shopping or conducting business online.” The release discusses specifics stating that (COPRA) “gives Americans control over their personal data; prohibits companies from using consumers’ data to harm or deceive them; establishes strict standards for the collection, use, sharing, and protection of consumer data; protects civil rights; and penalizes companies that fail to meet data protection standards. The legislation also codifies the rights of individuals to pursue claims against entities that violate their data privacy rights.” 

The question is whether this legislation will be able to pass in a hotly contested election year. At this point it is unknown. This bill thus far has no Republican co-sponsors so it has yet to gain bi-partisan traction. However; with the new and increasing scrutiny surrounding tech companies and their treatment of consumer data, we anticipate that the political winds may shift against technology companies. It’s better to be aware of trends instead of being caught off guard by them. 

Lanton Law helps tech and fintech stakeholders navigate both the regulatory and legislative landscape on a state and federal level. If you have questions about compliance, new potential business strategies or what the policy landscape will look like for your business, contact us to learn about your options.  

Back in August I started an analysis of how biosimilars will be impacted in the new United States-Mexico-Canada Agreement (USMCA). To refresh, in a follow up on a 2016 campaign promise to renegotiate the North American Free Trade Agreement (NAFTA), the Administration has been engaging Mexico and Canada in an effort to create and ratify the USMCA. 

One of the major points of contention in the negotiation centered on the exclusivity period of biologics. Biosimilar manufacturers raised concerns about the fact that the USMCA would award biologic manufacturers 10 years of market exclusivity. 

Fast forward to December 19, 2019 when the U.S. House of Representatives approved the USMCA with a bipartisan vote of 385-41. When it comes to biologics, the status quo remains as the exclusivity period continues to be 12 years. A provision that would have guaranteed 10 years of market exclusivity for biologic drugs was stripped out of a deal between Congress and the Administration. 

Senate Majority Leader McConnell (R-KY) stated that the U.S. Senate would consider the measure in early 2020. The reason for the delay according to the Senator is due to the looming impeachment trial for President Trump. Stay tuned for developments.

If your organization intends to either start or increase your utilization of biologic/biosimilar products or you are interested in understanding how to invest in these emerging products, contact us today. 

No matter if you are a hospital, physician, pharmacist, manufacturer, SAAS or Health IT provider, the lifeblood of your business is in your contracts. As an attorney what amazes me time after time is how contracts are often overlooked by businesses.

When I speak with clients, many of them tell me that either they will just sign a contract to get access to something or on the back side, they will simply plan to get out of a contract if they aren’t happy with the party they contracted with. Situations like this are when things get interesting.

For clients contemplating entering into a contract, I usually ask the following: 

• Were you were able to negotiate your priorities into the contract? 

• Are you using standard terms and conditions from prior agreements?

• Are you thinking about how your business may evolve over time? 

On the flip side for clients that plan on exiting a contract I ask:

• Do you know what happens if you plan to get out of the contract? 

• Are there penalties for terminating?

• Are you prohibited from re-entering a certain market?

Many businesses don’t know the answers to these questions. Not knowing your rights before making a decision to either enter or exit a contract can cost your business thousands of dollars. 

Fortunately, there is something you can do about this. Clients have been using Lanton Law to help them understand not only what’s in their contracts, but Lanton Law gives you suggestions on how to negotiate a better deal, while also giving you a risk assessment for clients considering leaving a contractual relationship. Having a contract strategy will definitely save you from making a costly decision. 

Click here to contact Lanton Law now to schedule a contract risk assessment. Taking this small proactive step will not only help protect your interests, but it will allow you to more confidently plan for your future business expansion.

No matter what, technology will always move faster than the law. With this maxim and our ever increasing reliance on convenient information, we have seen technology companies try to bring us what we want to see while also collecting a staggering amount of information on consumers. With regulations scant on personal data, Congress is slowly becoming more active in making policy governing technology. 

In November 2019, Congresswomen Anna G. Eshoo (D-CA) and Zoe Lofgren (D-CA) introduced the Online Privacy Act of 2019 (H.R. 4978). According to the sponsors, the bill proposes to strengthen user rights, places obligations on companies to protect users’ data, establishes a new federal agency to enforce privacy protections, and strengthens enforcement of privacy law violations.  

The sponsors press release discussed the following points which are highlights of the bill: 

• Creating User Rights – The bill grants every American the right to access, correct, or delete their data. It also creates new rights, like the right to impermanence, which lets users decide how long companies can keep their data.

• Placing Clear Obligations on Companies – The bill minimizes the amount of data companies collect, process, disclose, and maintain, and bars companies from using data in discriminatory ways. Additionally, companies must receive consent from users in plain, simple language.

• Establishing a Digital Privacy Agency (DPA) – The bill establishes an independent agency led by a Director that’s appointed by the President and confirmed by the Senate for a five-year term. The DPA will enforce privacy protections and investigate abuses.

• Strengthening Enforcement – The bill empowers state attorneys general to enforce violations of the bill and allows individuals to appoint nonprofits to represent them in private class action lawsuits.

 With so many controversies surrounding the use and rights of consumer data, we fully expect more government oversight into technology. If you are a technology stakeholder and you are interested in learning more about emerging policy or understanding potential risks to your business model contact us for legal or government affairs solutions at Lanton Law.

Oftentimes policy changes that sweep across the nation originate in policy “hot spots” like Massachusetts, California, New York, etc. This time its consumer privacy. As we rely more and more on the internet of things, artificial intelligence and fitness applications, we are unfortunately becoming more exposed to potential data breaches. If you operate in California, the California Consumer Privacy Act (CCPA) will be a defining factor in how you manage risks around consumer data. Approximately 500,000 businesses across all business sectors will have to comply with CCPA once the act goes into effect on January 1, 2020. 

So what is the CCPA? Passed in 2018 as AB 375, the Act models itself on Europe’s General Data Protection Regulation that went into effect recently. The bill awards California residents with the right to be informed on how companies collect and use their data. The law also allows their personal data to be deleted. CCPA creates a sliding scale approach by applying to California businesses who generate an annual gross revenue of $25 million with half of their annual revenue deriving from selling consumer information, or by companies that buy, sell or share personal information from at least 50,000 consumers, households or devices. 

Recently, the California legislature passed five bills seeking to amend CCPA in which Governor Gavin Newsom (D-CA) has until October 13, 2019 to sign or veto the legislation. Additionally, the state attorney general is expected to release draft regulations by the end of the year. Interestingly, an economic impact assessment prepared by a third party for the California Attorney General’s office stated that the new law could cost companies a total of up to $55 billion in initial compliance costs. 

So what is this important? Our society’s reliance on connectivity is not slowing down. The very companies that many of us interact with on a daily basis such as Amazon, Twitter and Facebook find themselves at the center of how they will comply with CCPA. But while this can be explained away as something that impacts only California, I have seen this type of legislation starting to spread to a cluster of other states. 

If you traffic in data, it will be a good idea to take inventory of your operational risks and whether your company will be able to comply if a similar law is enacted in your state. If you need assistance with regulatory compliance or are interested in finding out how your company can best engage with policymakers on this issue, don’t hesitate to reach out to us at either Lanton Strategies or Lanton Law.