A recent study revealed a continuous increase in medical malpractice claims related to electronic health records over a ten-year period.
There is no single compilation of what reasonable steps a party might take to avoid the loss of electronically stored information or the imposition of related sanctions for such a loss.
It is common for healthcare providers and business associates to have websites—which may be covered by the Americans with Disabilities Act (ADA) or analogous state laws.
Violations of HIPAA cannot be prosecuted by individuals but, depending on the jurisdiction, individuals can seek monetary awards based on loss of privacy.
The duty to preserve is triggered by knowledge of actual litigation or reasonable anticipation of litigation.
Data security lapses can also be investigated and charges filed against a healthcare provider or business associate under HIPAA and State laws