In the United States, pandemic contact-tracing apps are regulated under a patchwork of federal and state privacy laws, rather than a single, comprehensive framework. Contact-tracing initiatives often involve the collection and processing of sensitive data, including location and health information, which may fall under different legal regimes depending on the jurisdiction and type of data.
Key Regulations Affecting Contact-Tracing Apps:
* State Privacy Laws:
* States such as California (via the California Consumer Privacy Act - CCPA) and others have privacy laws that may apply to contact-tracing apps, particularly when personal data is collected or shared.
* State-level health privacy laws may also govern how health-related data is collected and used.
* HIPAA:
* HIPAA (Health Insurance Portability and Accountability Act) applies only if the app is used by or on behalf of a covered entity (e.g., healthcare providers or health plans). If the app is operated by a private company without a connection to a HIPAA-covered entity, HIPAA likely does not apply.
* Federal Guidance:
* The Federal Trade Commission (FTC) enforces general privacy protections under Section 5 of the FTC Act, which prohibits unfair or deceptive practices.
* The FTC has also issued guidance on privacy considerations for health-related apps.
* Other Federal and Sector-Specific Laws:
* If the app collects health-related data, it could also trigger obligations under laws like the Americans with Disabilities Act (ADA) or sector-specific rules.
Explanation of Options:
* A. Contact tracing is covered exclusively under the Health Insurance Portability and Accountability Act (HIPAA):This is incorrect. HIPAA applies only to covered entities and their business associates, not broadly to all contact-tracing apps or initiatives.
* B. Contact tracing is regulated by the U.S. Centers for Disease Control and Prevention (CDC):
This is incorrect. While the CDC provides guidance and recommendations for public health, it does not have regulatory authority over contact-tracing apps.
* C. Contact tracing is subject to a patchwork of federal and state privacy laws:This is correct.
Contact-tracing apps in the U.S. are governed by various federal, state, and sector-specific laws, creating a patchwork regulatory framework.
* D. Contact tracing is not regulated in the United States:This is incorrect. While there is no single regulatory framework for contact tracing, the practice is subject to multiple federal and state laws.
References from CIPP/US Materials:
* IAPP CIPP/US Certification Textbook: Discusses the application of HIPAA, state privacy laws, and federal regulations to health-related technologies, including contact-tracing apps.
* FTC Guidance on Health Apps: Details privacy considerations for app developers handling health- related data.

Title VII of the Civil Rights Act of 1964 is a federal law that prohibits employment discrimination based on race, color, religion, sex, and national origin1 It also prohibits retaliation against individuals who assert their rights under the law or participate in an EEOC investigation1 Title VII applies to employers with 15 or more employees, as well as to employment agencies, labor organizations, and joint labor-management committees1 Title VII prohibits employers from making pre-employment inquiries that express a preference, limitation, or specification based on any of the protected characteristics, unless they are bona fide occupational qualifications (BFOQs)2 BFOQs are rare and narrowly construed exceptions that allow employers to consider a protected characteristic when it is reasonably necessary to the normal operation of the business2 For example, a religious organization may require its employees to share its faith, or a women's shelter may hire only female counselors2 Option A is incorrect because questions about age are not prohibited by Title VII, but by the Age Discrimination in Employment Act of 1967 (ADEA), which protects individuals who are 40 years of age or older from employment discrimination based on age3 The ADEA generally prohibits employers from asking applicants about their age or date of birth, unless age is a BFOQ or the inquiry is part of a lawful affirmative action plan3 Option B is incorrect because questions about a disability are not prohibited by Title VII, but by the Americans with Disabilities Act of 1990 (ADA), which protects qualified individuals with disabilities from employment discrimination based on disability4 The ADA generally prohibits employers from asking applicants about whether they have a disability or the nature or severity of a disability, unless the inquiry is related to the ability to perform the essential functions of the job with or without reasonable accommodation4 Option C is incorrect because questions about a national origin are prohibited by Title VII, but not in all circumstances. Title VII prohibits employers from asking applicants about their national origin, ancestry, birthplace, native language, or accent, unless they are BFOQs or the inquiry is related to a legitimate business purpose, such as verifying eligibility to work in the United States or assessing language proficiency for a job that requires communication skills25 Option D is correct because questions about intended pregnancy are prohibited by Title VII, as amended by the Pregnancy Discrimination Act of 1978 (PDA), which protects women from employment discrimination based on pregnancy, childbirth, or related medical conditions. The PDA prohibits employers from asking applicants about whether they are pregnant or intend to become pregnant, unless they are related to the ability to perform the job. Such questions may indicate an intent to discriminate based on sex or pregnancy, or may deter women from applying for certain jobs.
References: 1: Title VII of the Civil Rights Act of 1964 | U.S. Equal Employment Opportunity Commission 2: Questions and Answers about Race and Color Discrimination in Employment | U.S. Equal Employment Opportunity Commission 3: Age Discrimination | U.S. Equal Employment Opportunity Commission 4: Disability Discrimination | U.S. Equal Employment Opportunity Commission 5: National Origin Discrimination | U.S. Equal Employment Opportunity Commission : Pregnancy Discrimination | U.S.
Equal Employment Opportunity Commission

FACTA added a new section to the FCRA that requires any person who maintains or otherwise possesses consumer information, or any compilation of consumer information, derived from consumer reports for a business purpose, to properly dispose of any such information or compilation. The purpose of this provision is to reduce the risk of identity theft and other consumer harm resulting from improper disposal of consumer information. The FTC and other federal agencies have issued rules implementing this provision, which specify the reasonable measures that covered entities must take to ensure secure disposal of consumer information, such as burning, pulverizing, shredding, erasing, or otherwise modifying the information to make it unreadable or indecipherable (16 CFR § 682.3). References: 1, 2, 3

Federal anti-discrimination laws, such as Title VII of the Civil Rights Act of 1964, the Equal Pay Act of 1963, the Age Discrimination in Employment Act of 1967, and the Americans with Disabilities Act of 1990, prohibit employers from discriminating against employees or applicants based on certain protected characteristics, such as race, color, religion, sex, national origin, age, disability, and genetic information.
These laws also limit the types of information that employers can collect, use, disclose, or retain about employees or applicants, in order to prevent discrimination or invasion of privacy. For example, employers cannot ask about an applicant's medical history, disability status, genetic information, or religious beliefs, unless they are relevant to the job or a bona fide occupational qualification. Employers also cannot use such information to make adverse employment decisions, such as hiring, firing, promotion, or compensation, unless they are justified by a legitimate business necessity or a reasonable accommodation. Employers must also safeguard the confidentiality of such information and dispose of it properly when it is no longer needed. References:
* Federal Laws Prohibiting Job Discrimination Questions And Answers
* Laws Enforced by EEOC
* Employment and Anti-Discrimination Laws in the Workplace
* Protections Against Discrimination and Other Prohibited Practices
* 3. Who is protected from employment discrimination?