On January 20, 2026, the New Jersey Governor signed Assembly Bill A5017 (“Amendment”), amending the New Jersey Data Protection Act (“NJDPA”). The Amendment exempts data that is not protected health information (“non-PHI”) from the NJDPA when it is handled by covered entities or business associates in accordance with the privacy and security requirements of the Health Insurance Portability and Accountability Act (“HIPAA”). Examples of “non-PHI” may include website technical and analytics data or…
By: Alston & Bird
By: Alston & Bird
