A Chicago record storage and disposal company has been named in a complaint filed by the Illinois Attorney General as a result of the negligent disposal of a medical practice’s patient records in an unlocked dumpster. The complaint alleges that FileFax, Inc. violated the Illinois Consumer Fraud and Deceptive Business Practices Act by failing to… Continue Reading
My partner Elizabeth Litten and I were recently interviewed for an article entitled “Connecticut ‘opens floodgates’ for HIPAA litigation” published in “Privacy this Week” by DataGuidance. The full text of the article can be found in the November 13, 2014 issue of “Privacy this Week,” but a discussion of the article is set forth below.… Continue Reading
The principle that individuals whose protected health information is stolen, lost, or otherwise inappropriately used, accessed, or left unsecured have no private right of action against the person or entity responsible for the breach under the HIPAA/HITECH laws may change for victims of identity theft who can show the theft was caused by a HIPAA breach, at least if the action is brought in the 11th Circuit.
A Wall Street-based medical collection service has been sued by the Minnesota Attorney General after losing a laptop containing sensitive information about 23,500 patients treated by two hospitals which contracted with the company. More significantly, the AG’s complaint alleges that the company, Accretive Health, Inc., was mining, analyzing and using the data for purposes that… Continue Reading
In the first settlement of a HIPAA enforcement action brought by a state attorney general under the new authority granted by the HITECH Act, Connecticut Attorney General Richard Blumenthal announced that the state had entered into an agreement with Health Net for failing to secure patient health and financial information. The AG had brought suit… Continue Reading
It’s been years since HIPAA became a household term. Yet, there continues to be a significant amount of confusion about when it applies, what types of uses and disclosures of PHI are permitted, and if individuals can sue someone for a HIPAA violation. The Office for Civil Rights recently published separate guides, one for health care providers and one for patients, to… Continue Reading
Yesterday, the White House Office of the Press Secretary announced that President Bush signed the Genetic Information Nondiscrimination Act of 2008 ("GINA"). The intent of GINA is to protect individuals from employers and insurance companies denying employment, promotions or health coverage to people when genetic tests show they have a predisposition to cancer, heart disease, or other ailments. … Continue Reading
The National Law Journal reported in its June 2007 issue that The Health Insurance Portability and Accountability Act (HIPAA) is raising new legal fears for health care providers concerning privacy suits. Labor and employment attorneys are concerned that courts have begun to let plaintiffs use HIPAA standards to prove liability in privacy suits, even though… Continue Reading