SHARE

November 02, 2021

What percentage of access and deletion requests do healthcare companies deny each year?

You've Reached Your
Free Article Limit This Month
Subscribe now to get unlimited access to all Law.com OnPractice content. Your subscription is free.
Subscribe Now

The CCPA Regulations require that businesses that buy, receive, sell, or share personal information about more than 10 million Californians disclose metrics within their privacy notices regarding the quantity of data subject requests that they received in the previous calendar year. Among other things, businesses must publicly report the number of access and deletion requests that the business denied.1

A review of the websites of the Fortune 500 indicates that only one healthcare company disclosed its data subject request metrics. While the limited quantity of companies that reported metrics makes extrapolating trends or conclusions impossible, extrapolation is further complicated as the one company that reported its volume of access and deletion requests chose not to indicate the percentage of those requests that were granted or denied.


1 Cal. Code Regs. tit. 11, § 999.317(g) (2021).

ALM expressly disclaims any express or implied warranty regarding the OnPractice Content, including any implied warranty that the OnPractice Content is accurate, has been corrected or is otherwise free from errors.

More From Greenberg Traurig

Data transfers from a controller in the EEA, to another controller in the EEA, to a processor outside of the EEA

By David A. Zetoony Greenberg Traurig August 02 , 2022

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Workplace Safety Review: Episode 28 | Interview with Nadine Mancini

By Michael T. Taylor Greenberg Traurig August 01 , 2022

In this episode, Mike Taylor and Adam Roseman talk to Nadine Mancini, General Counsel for the federal Occupational Safety and Health Review Commission in Washington, D.C.

3rd Circuit Issues Practical Death Knell to Nationwide FLSA Collective Actions Involving Employers Not Subject to General Jurisdiction in Circuit

By James N. Boudreau Greenberg Traurig July 29 , 2022

On July 26, 2022, in a win for employers, the Third Circuit Court of Appeals issued a precedential opinion in Christa Fischer, et al. v. Federal Express Corp., et al, No. 21-1683, affirming a decision from the Eastern District of Pennsylvania that refused to allow two opt-in plaintiffs to join a putative collective action under the Fair Labor Standards Act (FLSA) because the proposed plaintiffs’ claims for unpaid overtime had no connection to Pennsylvania.

More From Cybersecurity

Data transfers from a controller in the EEA, to another controller in the EEA, to a processor outside of the EEA

By David A. Zetoony Greenberg Traurig August 02 , 2022

The following is part of Greenberg Traurig’s ongoing series analyzing cross-border data transfers in light of the new Standard Contractual Clauses approved by the European Commission in June 2021.

Ransomware: To Pay or Not to Pay? It Just Got More Complicated

By Scott Ferber McDermott Will & Emery July 25 , 2022

When an organization experiences a ransomware attack, it must address significant—and sometimes competing—challenges under pressing deadlines.

Companies Offering to Cover Travel for Out-of-State Abortions Will Face Daunting Patchwork of Laws

By Sarah G. Raaii McDermott Will & Emery July 19 , 2022

Employers “would really need to do a state-by-state analysis of what the abortion laws are, whether and under what circumstances abortion is legal in most states,” said Sarah Raaii, an associate at McDermott Will and Emery.

Featured Stories
Closeclose
Search
Menu

Working...