HIPAA And Civil Liability

February 13, 2017

Regulatory Issues


Please pardon the lawyer speak in the title here, but that is sort of what this post is about.

Check out this piece. It is about the two lap top computers, stolen from Horizon Blue Cross Blue Shield, that contained unencrypted information about 840,000 plan members. Guess what happened next. You got it! A lawyer filed a class action suit on behalf of the wronged members.

Now life gets interesting, to the extent that the law ever does. Simply, a lower court rejected the suit since HIPAA does not set forth any personal remedies for HIPAA violations. Translated, only the Government has the right to dump on HIPAA violators.

BUT, an appeals court recently ruled that HIPAA can establish a standard of care, and organizations that violate this standard can be sued in non-Federal court systems. Note. There is no claim here that anyone was actually harmed by the theft in any material way. They have just been wronged!

Bottom Line. While damage awards are far from guaranteed under this set of circumstances, what is for sure is that Horizon will wind up with a lot of aggravation and legal expenses coming out of all of this.  The message of this appeals court ruling? If your organization is responsible for the storage of patient medical data, you should redouble your security efforts to make sure that something like this does not happen under your roof!


One Response to “HIPAA And Civil Liability”

  1. Glenna Crooks Says:

    Interesting, as one who was active on those policy issues at the time.

    Last week, a hospital in the Midwest sent me the link to a MyChart patient record so that I could go in an activate ‘my’ patient portal.

    The problem was: it was not my record. I’ve never been to that hospital. I contacted the hospital and it took several calls to find someone in a responsible position to let them know.

    Then, after I notified them, it happened again with that same patient’s records.

    Those of us who worked on HIPAA never envisioned possibilities such as these.


Leave a Reply