Is this a big hint that we finally want HIPAA enforced? I think so and at least with discussions and training just like anything, enforcement should probably increase, that is if the violations are clearly there. HITECH has a lot of other gray line stuff that happens to in healthcare, so it’s not always cut and dry when determining HIPAA violations. The normal privacy issues are pretty up front as far as the paper side but when electronic records and other Health IT services come into play, it’s not that easy to identify and prevention is the best medicine of course. BD
The Department of Health and Human Services' Office for Civil Rights will host four regional meetings to train staff from state and territorial attorneys general offices on enforcement of the HIPAA privacy and security rules.
The HITECH Act gives attorneys general authority to enforce the privacy and security rules through civil actions. In a statement on its Web site, OCR welcomes collaboration with attorneys general seeking to bring actions to enforce the rules, and will provide information upon request about pending or concluded OCR actions against covered entities or business associates related to state investigations.