In the absence of a federal data privacy law, each state has developed its own approach to privacy. Recently, Montana joined the growing list of states implementing privacy regulations with the Genetic Information Privacy Act (GIPA). Constangy partner and Cyber Team member, Jordan Fischer, details this new biometric privacy regulation in an article published by OneTrust Data Guidance.

Unlike many state privacy laws that are more comprehensive, GIPA focuses on protecting Montanans' genetic information and prohibits the disclosure of a consumer's genetic data to employers and health insurance, life insurance, or long-term care insurance companies without consent. Jordan delves into the specific definitions, requirements, enforcement, and exceptions in the full article, which can be found here.

Jordan Fischer is a partner and cyber attorney who focuses her practice on of compliance with state, federal, and global data privacy regulations. She advises clients on a variety of regulations, including but not limited to the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA), the Illinois Biometric Privacy Act (BIPA) and other biometric privacy laws, the Fair Credit Reporting Act (FCRA), and the Driver’s Privacy Protection Act (DPPA). She also counsels on global data breach standards and privacy frameworks such as International Standards Organization (ISO) 27001 and 27701, the National Institute of Standards and Technology (NIST), and the Payment Credit Card Industry Data Security Standard (PCI DSS). Jordan is a globally recognized thought leader in the data security and privacy space and the host of the American Bar Association's podcast, 'Cybersecurity and Data Privacy: The New Frontier.'


Back to Page