A dozen state attorneys general have united to bring the first multistate lawsuit under  federal health care privacy law, in connection with a medical records company data breach that put millions of patient records at risk.

The lawsuit is part of a growing trend of state enforcement of consumer and data privacy laws, and the first such AG suit under HIPAA—the federal Health Insurance Portability and Accountability Act of 1996, which requires companies to protect the privacy of patient information. The U.S. Department of Health and Human Services usually enforces HIPAA and the Federal Trade Commission usually enforces consumer data breach violations.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Advance® Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]