Lawsuits | Legal Health Information Exchange

State HIE Sued for Alleged “Unauthorized” Use of PHI for Research

State HIE Sued for Alleged “Unauthorized” Use of PHI for Research

by Helen Oscislawski | Jan 31, 2025 | HIE & HIN, Lawsuits, Research

On January 3, 2025, a significant lawsuit was filed against a state HIE. The case was brought by a former employee and whistleblower who alleges that the HIE permitted unauthorized access and use of PHI for research purposes in violation of federal and state law, as well as operational policies. Although the facts that are currently known to the public are not sufficient to conclude whether or not HIPAA’s standards applicable to research were met, this case has the potential to influence not only the immediate parties involved but also broader interpretations of HIPAA compliance and enforcement in research settings. At a minimum, the case serves as a reminder that HIEs should be taking proactive steps to ensure that their internal policies, data use agreements, and HIPAA BAAs explicitly address research-related and similar activities in compliance with federal and state laws, including HIPAA.

Texas Sues to Block new HIPAA Reproductive Health Care Rule

Texas Sues to Block new HIPAA Reproductive Health Care Rule

by Morgan McDonald | Sep 9, 2024 | HIPAA, HIPAA Privacy, Lawsuits

Texas Attorney General, Ken Paxton, has sued HHS alleging that the HIPAA Reproductive Health Care Privacy Rule amendments infringe on the state’s investigative authority and that the HIPAA statute does not grant sufficient authority to HHS to promulgate such a rule. Texas is seeking an injunction against enforcement of the final rule.

American Hospital Association Sues HHS for its HIPAA Online Tracking Guidance

American Hospital Association Sues HHS for its HIPAA Online Tracking Guidance

by Helen Oscislawski | Nov 7, 2023 | Government Enforcement, HIPAA, HIPAA Breach Notification, Lawsuits

The American Hospital Association, joined by a few others, has sued the federal government to enjoin them from enforcing their published Guidance on “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.”

HAPPY NEW YEAR! A LOT will be happening in 2023!

HAPPY NEW YEAR! A LOT will be happening in 2023!

by Helen Oscislawski | Jan 1, 2023 | 42 CFR Part 2, Health IT, HIPAA, Lawsuits, Other

The New Year is finally here, and I believe that there will be a LOT going on in 2023! Here are just a few of the things that Legal HIE is looking to stay on top of for our readers this year . . .

Are Lawsuits for Violations of HIPAA’s Deidentification Standards About to Take Off – and What Can You Do About It?

Are Lawsuits for Violations of HIPAA’s Deidentification Standards About to Take Off – and What Can You Do About It?

by Helen Oscislawski | Apr 30, 2020 | HIPAA, Lawsuits

A recent opinion article published in STAT News explored whether potential litigation is looming surrounding the de-identified data exception in HIPAA. The authors of the article point out that “large volumes of data underpin the development of any AI effort,” which is why companies…

BCBS Plans Defend against Antitrust Class Actions

by Krystyna Monticello | Sep 5, 2012 | Lawsuits

BCBS Plans Defend against Antitrust Class Actions Back at the end of July, a class action lawsuit was filed against Blue Cross Blue Shield of Alabama (BCBS Alabama), the Blue Cross Blue Shield Association (the “Association”), and multiple BCBS Plans for antitrust violations. The...

The ACA SCOTUS Decision in Plain English

by Krystyna Monticello | Jul 16, 2012 | Lawsuits

The ACA SCOTUS Decision in Plain English As we all know from the “media drama” as some might call the countless media coverage, news articles, blogs and other posts, the Supreme Court of the United States (“SCOTUS”) upheld the Patient Protection and Affordable Care Act (“ACA”) on June...

Will HIPAA Conviction Appeal Loss Open the “Zhou” Gates?

by Helen Oscislawski | May 31, 2012 | Government Enforcement, Lawsuits

Will HIPAA Conviction Appeal Loss Open the “Zhou” Gates? This post is prepared by Christopher Dodson. Readers of this blog are probably familiar with the case of Dr. Huping Zhou, who was successfully prosecuted for violating HIPAA’s privacy protections. Zhou accessed the patient records of...

State AG Brings First HIPAA Lawsuit Against Business Associate

by Krystyna Monticello | Feb 8, 2012 | Business Associates, Government Enforcement, HIPAA, Lawsuits

State AG Brings First HIPAA Lawsuit Against Business Associate Last month, I posted how treatment of business associates during HIPAA investigations remains unclear as well as assignment of liability for breaches of PHI. A final “omnibus rule” is expected to clarify the HITECH business...

Yet Another Class-Action Filed After Breaches of Patient Data

by Krystyna Monticello | Dec 30, 2011 | Lawsuits

Yet Another Class-Action Filed After Breaches of Patient Data In what appears to be the trend in California for 2011, another class-action lawsuit has been filed, this time by patients of the University of California-Los Angeles (UCLA) Health System affected by a data breach in early...

Doctor Faces Criminal Charges for Wrongful Disclosures under “False Pretenses”

by Krystyna Monticello | Jun 29, 2011 | Government Enforcement, Lawsuits

Doctor Faces Criminal Charges for Wrongful Disclosures under “False Pretenses” Tripping on the heels of the HIPAA criminal charges against Chelsea Catherine Stewart for theft of patient information, (see my previous post on June 14, 2011), a physician was indicted June 21, 2011 on three...

Class Action Sought for Charleston Area Medical Center Breach

by Krystyna Monticello | May 9, 2011 | Data Breach Laws, Lawsuits

Class Action Sought for Charleston Area Medical Center Breach Patients affected by a West Virginia hospital breach that went undetected for several months are seeking certification as a class action as reported by Health Data Management. Five of the approximately 3,655 affected...

« Older Entries

Archives

Categories

42 CFR Part 2 (8)
Anti-Kickback Statute (1)
Care Coordination (1)
CMS Proposed Rule (2)
COVID-19 (14)
Data Breach Laws (24)
FTC (Federal Trade Commission) (3)
GDPR (2)
Government Enforcement (48)
Health IT (29)
HIE & HIN (49)
HIPAA (69)
- Business Associates (2)
- Covered Entity Provider (1)
- HIPAA Breach Notification (2)
- HIPAA Privacy (11)
- HIPAA Security (7)
Information Blocking (31)
Lawsuits (29)
Legislation & Rulemaking (31)
Meaningful Use & Quality Payment Program (39)
OIG Proposed Rule (1)
Other (19)
Privacy & Consent (43)
Research (2)
Security & Cybersecurity (6)
Stark Law (1)
TEFCA (1)
Telehealth/Telemedicine (2)
Tools & Resources (6)
Webinars & Education (10)