To help State Attorneys General (SAG) begin to implement their enforcement authority under the HITECH Act, in 2011, the Office for Civil Rights (OCR) presented a 2-day, instructor-led HIPAA Enforcement Training course in 4 locations across the country.  Here’s today’s big tip – Learn like you’re the Chief Legal Officer of your state…view the OCR SAG training…


SAG are given jurisdiction under The HITECH Act to bring civil action on behalf of their citizens.  Actions have been taken in several states already.   All the videos and slides have been recently made available by OCR and may be found at:


“(1) CIVIL  ACTION.—Except as  provided in  subsection  (b), in   any   case   in   which   the   attorney  general  of  a   State  has reason to believe that an  interest of one or more  of the  residents of that State has   been   or  is  threatened or  adversely  affected by any  person who violates a provision of this part, the  attorney general  of  the   State,  as   parens  patriae,  may   bring  a   civil action on  behalf of  such   residents of  the   State in  a  district court of the  United States of appropriate jurisdiction—”

‘‘(A) to enjoin further such violation by the  defendant; Or

‘‘(B) to obtain  damages  on  behalf  of  such   residents of the State, in an amount equal to the amount determined under paragraph (2).”

According to the OCR website, OCR developed HIPAA Enforcement Training to help State Attorneys General and their staff use their new authority to enforce the HIPAA Privacy and Security Rules.  The training course will aid State Attorneys General in investigating and seeking damages for HIPAA violations that affect residents of their states.  Videos and slides from live training sessions conducted in 2011 are available through the OCR website.

Training Agenda

This training course was originally offered in 2011 and is no longer available. Learn about our educational Clearwater HIPAA Compliance Program BootCamp™.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Series Navigation<< HIPAA Audit Tips – Compliance Lessons Learned for HIPAAtites from Financial ServicesHIPAA Audit Tips – OCR Audit Protocol – First Thoughts >>

Bob Chaput

CEO at Clearwater Compliance
Bob Chaput is widely recognized for his extensive and in-depth knowledge of healthcare compliance and cyber risk management, and is one of the industry’s leading authorities in healthcare information security today. As a leading authority safeguarding health data, Chaput has supported hundreds of hospitals and health systems to successfully manage healthcare’s evolving cybersecurity threats and ensure patient safety.