Relevant Privacy Laws

There are several state laws tied to privacy, examples include:

•CA Consumer Privacy Act

•CT Privacy Law

•New York Privacy Act

•Utah Consumer Privacy Act

•Virginia Consumer Data Protection Act

•Washington Privacy Act (April 2023)

Working with de-identified data

Generally, all the laws state entities and individuals with access to de-identified data:

•Take reasonable measures to ensure data cannot be associated with a consumer

•Process such data only in a deidentified fashion

•Do not attempt to reidentify such data

HIPAA Privacy Rule

SAIL™ uses de-identified data derived from covered entities and business associates to provide clients with scoring and disaggregated clinical indicators (ICD10, NDC, Procedures, etc.)

•Data sources are subject to HIPAA Privacy Rule

•Obligations are passed on to Gradient AI and clients

•We must ensure PHI is NOT released and the individual / data remains de-identified