When information breaches lead to lawsuits
When it enacted HIPAA, the Department of Health and Human Services (HHS) chose to use a "carrot" rather than "stick" approach to enforcing the law. Penalties have been given for major breaches, but aside from that, there is little financial skin in the game for providers. At least until now.
When a provider wrongfully discloses protected health information, HIPAA does not provide patients with a legal remedy other than reporting the incident to HHS. But courts have begun to look at the issue differently, ruling, in some cases, that providers can be sued under state rules pertaining to privacy and negligence for breaches.
To read the full article, click here.