Biometric Information Privacy Act Proposed by Florida Lawmakers

New bills (SB 1270 /HB 1153) have been proposed by Senator Gary Farmer (D-FL) and Representative Bobby DuBose (D-FL) that call for companies to obtain consent from consumers before they collect and utilize biometric data.

The bills introduce the Florida Biometric Information Privacy Act, which is much the same as the Illinois Biometric Information Privacy Act that was enacted in 2008. The new proposed law requires private entities to tell consumers the reasons why they are collecting their biometric information and the planned uses for the information at the time of getting consent. Companies are also required to create and publish policies addressing data retention and information disposal. Once the reason for data collection has been realized, or three years have passed between the last contact with a person, biometric data must be securely erased or destroyed.

Implementing safety measures to secure stored biometric data will be mandatory to make certain that biometric data stays private and confidential and the Act also forbids companies from making money from biometric data and prohibits the sale, leasing, or exchanging of biometric data.

Biometric data is classified as any data based on an person’s biometric identifiers which may be employed to identify a person, for instance, fingerprints, iris/retina scans, face scans and voice prints. Biological samples, handwriting samples, signatures, medical photos, and pictures are not classed as biometric data and the Act will not be applicable to any data that HIPAA-covered entities capture, utilize, or store for the purposes of providing treatment, paying for healthcare, or performing operations covered by the HIPAA Privacy Rule.

The Florida Biometric Information Privacy Act has a private right of action that would enable consumers to file lawsuits against entities that violate their privacy and claim damages from $1,000 to $5,000, and reasonable attorney fees.

Rep. DuBose explained that this common-sense law will allow Floridians to have peace of mind that their most important information is being managed conscientiously and that private organizations will be made accountable for the inappropriate use or unauthorized disclosure of their data.

HIPAA
Compliance
Checklist

Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

Download Free Checklist

In the event that the Florida Biometric Information Privacy Act is signed into law, the effective date will be October 1, 2019.

About Liam Johnson

Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: https://www.linkedin.com/in/liamhipaa/