State attorneys general will be getting a few lessons in HIPAA. The Office for Civil Rights, the enforcer of the HIPAA privacy and security rules, announced this week training sessions for state AGs to help them in their new authority to enforce the HIPAA privacy and security rules.
The HITECH Act gave state attorneys general authority to bring civil actions on behalf of state residents for HIPAA violations. It also permits the attorneys to obtain damages on behalf of state residents.
Last July, Connecticut attorney Richard Blumenthal's office announced a $250,000 settlement with insurer Health Net and its affiliates regarding a breach of personal health information affecting nearly a half million Connecticut enrollees.
The settlement was a landmark one because Blumenthal's office was the first to cash in on the HITECH-granted authority.
As for the training OCR's sessions will include the following topics: