A group of medical privacy activists got a disappointing verdict in their attempt at enjoining HIPAA enforcement. The 4th Circuit last week found in favor of Tommy Thompson (HHS Secretary) and held that the privacy legislation is constitutional. The plaintiffs plan to appeal to the Supreme Court.
Read the opinion here.
Meanwhile the "first" HIPAA complaint was filed against a Florida Hospice agency alleging improper disclosure of personal information on the Internet. The Hospice opponents argue that their confidentiality has been systematically breached and that the record-keeping and data systems are partially to blame. The local newspaper and the opponents' site linked above have bits about it.
Read the complaint filed by the Hospice opponents as a class action in the Florida suit here. It's not clear how much the use of the terms "record-keeping systems" or "data" are indicative of a case against impropriety of the software outsourcing company Hospice used or how much the plaintiffs actually allege a suit regarding technical privacy or security requirements under HIPAA. From what I can tell it's more of the former.
Although the Florida suit is claiming itself as the first under HIPAA, there are hosts of suits filed under state health care privacy laws regularly.