An interesting federal case in the Southern District of Ohio Eastern Division reminds us that the HIPAA statute does not provide for a private cause of action. And so, when the Ohio Hospital for Psychiatry sought to compel a former employee to return patient information she had allegedly removed improperly, the court had to deny their request. On the other hand, though, the court held that it did have the authority to bar the nurse from using the information in her court case.
Cabotage v. Ohio Hospital for Psychiatry, Civil Action 2:11-cv-50
h/t, Brian D. Hall