Skip Navigation

State Attorney’s General Flexing New HIPAA Enforcement Muscle

Bookmark and Share

December 9, 2009- Two elements of the HITECH amendment to HIPAA will be used as the basis to pursue a recently exposed privacy breach.  According to a report appearing on on December 9th, the Attorneys General of both Connecticut and Arizona will prosecute a healthcare organization under their new HIPAA enforcement powers granted by the HITECH amendment.  This validates the expectation of many analysts that state AGs would take a more aggressive position on enforcement than Health and Human Services (HHS) had in the past. 

Ironically, the basis of the prosecution is also the result of another, separate HITECH amendment requiring health data breach notification.  The organization at the center of the charges is Health Net, who allegedly failed to report a data breach affecting hundreds of thousands of people in these states and others. 

A new NAID marketing brochure titled “Reducing the NEW RISKS of the NEW HIPAA” will be available soon.  Samples will be mailed to all US Active and Franchise Members this month. 

Full Article