The House is considering two data privacy bills that would go beyond existing federal privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA), which covers health information, and the Gramm-Leach-Bliley Act (GLBA), which covers personal information. The Securing and Establishing Consumer Uniform Rights and Enforcement (SECURE Data Act) bill would address data outside the scope of existing federal privacy laws, and the Guidelines for Use, Access, and Responsible Disclosure of Financial Data (GUARD Financial Data Act) bill would update the GLBA.
If these bills become law, data protection rules similar to HIPAA would apply to data not currently within HIPAA’s or GLBA’s purview. As a result, employers and benefits advisors may need to determine which laws apply to benefit plan and human resources data.
Understanding HIPAA and GLBA
HIPAA requires “covered entities,” including hospitals, health insurance companies, and health plans, to protect consumer health information. The law prevents covered entities from sharing health data with third-party marketing companies, unless consumers agree to data sharing. Consumers can also obtain copies of their health records from any covered entities under HIPAA.
In contrast, the GLBA applies to consumers’ personal financial information, such as Social Security numbers and credit card numbers. Consumers can opt out of sharing their personal information with third-party marketers, but GLBA does not require financial institutions to ask consumers to opt in, as HIPAA does.
The SECURE Data Act and GUARD Financial Data Act Bills
The SECURE Data Act would impose national data privacy standards for personal data that falls under neither HIPAA nor GLBA.
The GUARD Financial Data Act bill would expand GLBA to cover personal financial information that financial institutions collect and store. Consumers can also obtain copies of their records from financial institutions and opt out of any sharing of sensitive, non-public personal information. Financial institutions would have a duty to limit the collection of non-public information to only that which is relevant and reasonably necessary.
The bills are pending before the House Financial Services Committee and the House Energy & Commerce Committee. The U.S. Chamber of Commerce and the American Council of Life Insurers support the passage of these bills.