It was nearly three years ago that I first blogged about the Federal Trade Commission’s “Wild West” data breach enforcement action brought against now-defunct medical testing company LabMD.   Back then,
Continue Reading From the Wild West to Westworld and (Maybe) Back to Normal – the Ongoing Saga of LabMD (Part 1 of 2)

The principle that individuals whose protected health information is stolen, lost, or otherwise inappropriately used, accessed, or left unsecured have no private right of action against the person or entity responsible for the breach under the HIPAA/HITECH laws may change for victims of identity theft who can show the theft was caused by a HIPAA breach, at least if the action is brought in the 11th Circuit.
Continue Reading PHI Breach Involving Health Plan Leads to Lawsuit by Identity Theft Victims Who Were Plan Members