HealthBlawg

David Harlow's Health Care Law Blog

  • About
  • Archives
  • Podcast
  • Press
  • Awards/Reviews
  • HIPAA
  • HCSM

Federal appeals court: No private right of action to enforce HIPAA

November 16, 2006

Is there a private right of action to enforce HIPAA?  The answer is now more definitive than ever: No. 

This week, the Fifth Circuit Court of Appeals — the first federal appeals court to decide this issue — went along with every federal district court that has considered the issue (not to mention the regs themselves, which are pretty clear on the subject).  (See the decision here.  See HIPAA regs and more on OCR’s HIPAA page here.)

Why has the plaintiff bar continued to assert a private right of action under HIPAA?  First of all, why not?  Throw it all against the wall and see what sticks. Second, if it were successful, it would bootstrap a state law claim into Federal court, which may be beneficial to the plaintiff.  (In Acara v. Banks, the 5th Circuit decision handed down November 13, the remaining state law claims were dismissed because there was no diversity jurisdiction.)  Third, from a broader perspective, one function of the private lawsuit is to effect social change.

Now that the government seems poised to actually enforce HIPAA, the third reason may go by the boards (I know, I know . . . we still need to wait and see).  If enforcement is truly stepped up for the benefit of the public, perhaps the plaintiff bar can make peace with its inability to rely on the first two reasons for pursuing the private right of action. 

In any event, those within the community of "covered entities" under HIPAA need to get with the program and come into full compliance, and I have seen a renewed interest in HIPAA compliance audits of late.

— David Harlow

Related Posts

  • HIPAA: Liability to Private Parties for Violations

    This week, Connecticut joined at least nine other states (DE, KY, ME, MN, MO, NC,…

  • HIPAA confusion and solutions

    The current AIS Health Report on Patient Privacy tells us: National Review of HIPAA Compliance…

  • Stolen Laptops Class Action Gets New Legs

    Longtime HIPAA aficonados will recall that there is no private right of action under HIPAA.…

Filed Under: Health Law, HIPAA, Privacy

« OIG advisory dings existing and proposed home oxygen arrangements of DME supplier
Another cardiac surgery gainsharing opinion from the OIG »

Comments

  1. HIPAA Expert says

    March 4, 2007 at 1:42 pm

    Thank you for this information, however a private right of action was allowed to go forward using the HIPAA Privacy rule as the standard that health care providers cannot fall below in the State of North Carolina by the Appellate Court in that State.

    Take a look at Acosta v. Byrum, the Appellate Court allowed an indivivual to sustain a cause of action on negligent infiction of emotional distress.

    Also see the State of Oregon wherein the AG in that State facilitated the settlement of class action lawsuit, see the OR AG’s web site for this information against Providence Health.

    More like this is to come!!!!

Threads

Follow me on: Threads

Mastodon

Follow me on: Mastodon

HIPAAtools

Hipaatools

The HIPAA Compliance Toolkit

The Walking Gallery

The Walking Gallery

Quick Links

  • Home
  • Categories
  • Archives
  • Podcast Interviews
  • HIPAAtools
  • HIPAA Compliance
  • Health Care Social Media
  • Speaking
  • In the Press
  • Blogroll

David Harlow

David Harlow

HealthcareNOW Radio

  • Subscribe
  • Contact
  • Book Me: Speaking
  • About
  • The Harlow Group LLC
Copyright © 2006–2025
HealthBlawg is a publication of The Harlow Group LLC. See Copyright notice and disclaimer.
Fair use with attribution and a link is encouraged. Click for more on David Harlow.
[footer_backtotop text="Back to top" href="#"]