On November 9, the Florida Supreme Court ruled in the case of Emma Gayle Weaver, etc. v. Stephen C. Myers, M.D., et al., that the right to privacy under
Continue Reading Florida Supreme Court Rules That Privacy Continues After Death
Lawsuits
Equifax Breach Checker – Curiosity May Have a Cost (But it’s Refundable)
Individuals who have received notice of a HIPAA breach are often offered free credit monitoring services for some period of time, particularly if the protected health information involved included social…
Continue Reading Equifax Breach Checker – Curiosity May Have a Cost (But it’s Refundable)
Where’s Your Wallet? The Ongoing Saga of FTC v. LabMD (Part 2 of 2)
It was the wallet comment in the response brief filed by the Federal Trade Commission (FTC) in the U.S. Court of Appeals for the 11th Circuit that prompted me…
Continue Reading Where’s Your Wallet? The Ongoing Saga of FTC v. LabMD (Part 2 of 2)
From the Wild West to Westworld and (Maybe) Back to Normal – the Ongoing Saga of LabMD (Part 1 of 2)
It was nearly three years ago that I first blogged about the Federal Trade Commission’s “Wild West” data breach enforcement action brought against now-defunct medical testing company LabMD. Back then,…
Continue Reading From the Wild West to Westworld and (Maybe) Back to Normal – the Ongoing Saga of LabMD (Part 1 of 2)
Dumpster Diving for PHI Exposes Business Associate (and Physician Practice) to Liability
A Chicago record storage and disposal company has been named in a complaint filed by the Illinois Attorney General as a result of the negligent disposal of a medical practice’s…
Continue Reading Dumpster Diving for PHI Exposes Business Associate (and Physician Practice) to Liability
Connecticut “Opens Floodgates” for HIPAA Litigation
My partner Elizabeth Litten and I were recently interviewed for an article entitled “Connecticut ‘opens floodgates’ for HIPAA litigation” published in “Privacy this Week” by DataGuidance. The full text …
Continue Reading Connecticut “Opens Floodgates” for HIPAA Litigation
PHI Breach Involving Health Plan Leads to Lawsuit by Identity Theft Victims Who Were Plan Members
The principle that individuals whose protected health information is stolen, lost, or otherwise inappropriately used, accessed, or left unsecured have no private right of action against the person or entity responsible for the breach under the HIPAA/HITECH laws may change for victims of identity theft who can show the theft was caused by a HIPAA breach, at least if the action is brought in the 11th Circuit.
Continue Reading PHI Breach Involving Health Plan Leads to Lawsuit by Identity Theft Victims Who Were Plan Members
The Hazards of Data Mining: Minnesota AG Sues Collection Agency for Breach, Improper Use of PHI
A Wall Street-based medical collection service has been sued by the Minnesota Attorney General after losing a laptop containing sensitive information about 23,500 patients treated by two hospitals which contracted…
A First: Connecticut AG Settles With Health Net Over Breach For $250,000
In the first settlement of a HIPAA enforcement action brought by a state attorney general under the new authority granted by the HITECH Act, Connecticut Attorney General Richard Blumenthal announced…
Continue Reading A First: Connecticut AG Settles With Health Net Over Breach For $250,000
Help Me Understand HIPAA!
It’s been years since HIPAA became a household term. Yet, there continues to be a significant amount of confusion about when it applies, what types of uses and disclosures of PHI are …