New Jersey’s existing, comprehensive privacy law was amended at the end of last month, with some tweaks that mirror changes seen in other privacy laws. (For example, changes that went into place for the Connecticut law last year). The amendments took effect immediately upon the governor’s signature.
As we have previously covered, the New Jersey comprehensive privacy law is very similar to those from other states. The amendments include new definitions and exemption provisions. These include exempting from the law not only HIPAA “protected health information,” but also information “treated like protected health information.” The definition of de-identified has also been modified to include situations where (in the HIPAA context) data recipients are contractually prohibited from reidentifying data.
Putting it into Practice: These changes may be small, but they signal that states are continuing to modify and tweak their “comprehensive” privacy laws. We except to see similar modifications as the year progresses.