Medicaid Information Breach

Utah’s recent Medicaid information breach has left the health information of approximately 780,000 Utah residents compromised, including potentially 255,000 Social Security numbers. HIPAA does not provide a private right of action. Thus, residents are limited in their remedies:

In Utah, action would have to be taken by the state’s attorney general or the federal Office for Civil Rights. The only possible remedy would come from enforcement of a violation of the Health Information Portability and Accountability Act, if one is substantiated in the first place, according to Tenielle Brown, an associate professor at the University of Utah’s S.J. Quinney College of Law. In Utah, action would have to be taken by the state’s attorney general or the federal Office for Civil Rights. “Of the two parts of the HIPAA rule, the privacy rule is trying to get at that unauthorized disclosure of patient medical records,” Brown said. “It doesn’t appear to be what happened in this case. It appears it was a security breach just by failing to have adequate safeguards in place.”

HIPAA and HITECH create penalties for breaches. Individuals and entities holding personal health information (HIPAA) should consult an experienced attorney who can draft appropriate HIPAA compliant policies and procedures.

Book your Legal Strategy Session now
Michael H Cohen Healthcare & FDA Lawyers

Contact our healthcare law and FDA attorneys for legal advice relevant to your healthcare venture.

Contact Us

discovery-call-cta-vertical

Related Posts

Crucial Issues for Aesthetic Medical Practices – Part One

Physicians should review their Employment Agreement or risk Violating Federal and State Law

Legal Compliance Issues for American Medical Tourism Health Practices

Start typing and press Enter to search