Washington has become the first U.S. state with broad consumer health data protections with the signing of the "My Health, My Data" Act by Gov. Jay Inslee, StateScoop reports. Aside from requiring companies to obtain user consent for health data collection, sharing, and selling, the law also bans the use of geofencing technology to facilitate data collection in healthcare facilities and other locations. Consumers have also been given the right to file charges against companies that did not provide explicit consent on data collection, with the state's attorney general tasked to take civil action for the consumer cases. Such a law provides better protections for personal health information not covered by the Health Information Portability and Accountability Act, said Future of Privacy Forum fellow Felicity Slater. "The act's broad scope and exacting requirements could create compliance hurdles for a wide range of covered entities, and its private right of action provides a private enforcement mechanism not usually available under U.S. privacy laws," Slater added.