After eleven years of litigation, including two decisions by the Connecticut Supreme Court, Byrne v. Avery Center for Obstetrics and Gynecology, P.C. has finally reached a verdict. Last month, the jury awarded the plaintiff $853,000 in damages in connection with her physician practice’s 2005 release of medical records in response to a non-HIPAA compliant subpoena. The subpoena was issued in connection with a paternity suit brought by the plaintiff’s former boyfriend, a man whom the plaintiff had specifically requested her physician practice not share her medical information with.

Without speculating too much about its judicial progeny, Byrne nevertheless highlights several areas of HIPAA compliance that should be areas of heightened review for physicians and medical providers now. Please click here for a detailed analysis of this verdict and its implications for providers.

EmailTweetLikeLinkedInGoogle Plus
Photo of William J. Roberts William J. Roberts

William Roberts is the Chair of Shipman & Goodwin LLP’s Privacy and Data Protection team. Bill is also a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals (IAPP). Bill focuses his practice at the intersection of privacy, technology and the law, and represents a wide range of public and private entities. He assists clients nationwide in navigating legal challenges with respect to regulatory compliance, governmental investigations, data breaches and complex contracting. Clients who seek Bill’s guidance range from start-ups to Fortune 50 companies.

Aside from helping his busy clients, Bill is a father and lifelong skier.

Bill’s complete biography can be found here.

Photo of Damian Privitera Damian Privitera

Damian Privitera advises clients on the design and implementation of data privacy and cybersecurity compliance strategies. He regularly counsels businesses across sectors on data breach identification, investigation and response, internal policy and procedure development, contracting procurement, and website privacy policies and terms of use. Damian helps clients comply with specific data privacy and cybersecurity rules including the GDPR, New York DFS cybersecurity regulations, and HIPAA. His privacy and cybersecurity-related interests include data subject rights, workforce education and compliance, and international data collection, use and transfer. Damian’s complete biography can be found here.