The Ohio Supreme Court has ruled that the state’s open records law overrules the protections for medical records under the federal Health Insurance Portability and Accountability Act (HIPAA), Government Health IT reports.Attorney John Greiner was the legal counsel for the Cincinnati Enquirer in its successful proceeding to order the city to hand over information regarding building owners who’d been cited for lead paint violations, according to Government Health IT. Greiner told Government Health IT that the decision is possibly the first regarding a clash between states’ open records laws and HIPAA.A number of states have open records laws, so the case’s outcome could prove to be a landmark ruling should similar situations emerge in other locales.On March 17, the state’s Supreme Court ruled unanimously that the Cincinnati Health Department was in the wrong when it used HIPAA’s privacy protections as an excuse not to provide the Enquirer with information on lead paint violations, according to Government Health IT. Joy Pritts, director of Georgetown University’s Center for Medical Rights and Privacy, told Government Health IT that the Ohio court “probably reached the right decision, given the way HIPAA is written.”Pritts was referring to a provision within HIPAA that states all health records must be kept private unless otherwise required under state law, Government Health IT reports. “That exception can be seen as large enough to drive a truck through,” Pritts told Government Health IT.The issue is further complicated by a clause within Ohio’s Public Records Law that says many health records must be publicly available unless a federal law says otherwise, according to Government Health IT.Though the court found that records pertaining to lead paint in houses should not be classified as medical records, and therefore are not protected under HIPAA, it also said that even if the records were covered by the act, the state’s open records law would have superseded it, Government Health IT reports.Keep checking in at our CSO Security Feed page for updated news coverage. Related content news Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance Despite money pouring into programs around the world, training organizations have not managed to ensure employment for professionals, while entry-level professionals are finding it hard to land a job By Samira Sarraf Oct 02, 2023 6 mins CSO and CISO CSO and CISO CSO and CISO news Royal family’s website suffers Russia-linked cyberattack Pro-Russian hacker group KillNet took responsibility for the attack days after King Charles condemned the invasion of Ukraine. By Michael Hill Oct 02, 2023 2 mins DDoS Cyberattacks feature 10 things you should know about navigating the dark web A lot can be found in the shadows of the internet from sensitive stolen data to attack tools for sale, the dark web is a trove of risks for enterprises. Here are a few things to know and navigate safely. By Rosalyn Page Oct 02, 2023 13 mins Cybercrime Security news ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations By Lucian Constantin Oct 02, 2023 4 mins Hacker Groups Ransomware Cybercrime Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe