Written by Dianne Bourque
On January 13, Connecticut Attorney General Richard Blumenthal filed charges against Health Net of Connecticut, Inc., for violating federal privacy law. Blumenthal is the first state attorney general to file such a suit using HIPAA enforcement authority granted to states under the HITECH provisions of the American Recovery and Reinvestment Act of 2009.
The law suit was prompted by Health Net’s loss of a portable disk drive from a Connecticut office. The unencrypted drive contained health and other personal information for approximately 1.5 million current and former Health Net members. Almost one-half million of the affected members were Connecticut residents.
In a statement, Health Net said that it would cooperate with the Attorney General and that there is no evidence that any of the lost data had been misused.