The Department of Health and Human Services has determined that Cignet Health violated the privacy rule of the Health Insurance Portability and Accountability Act of 1996. The agency fined Cignet 4.3 million for denying patients access to their medical records and for failing to cooperate with the investigation. This is the first time that the agency has used its legal authority to penalize a company for privacy violations. For more information, see EPIC: Medical Privacy.
Share this page:
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a biweekly newsletter highlighting emerging privacy issues.
Communications Law and Policy
Jerry Kang and Alan Butler