The terms “genetic information”, “genetic test”, and “family member” have the meanings given such terms in section 300gg–91 of this title, as amended by the Genetic Information Nondiscrimination Act of 2007.[1]
The terms “group health plan” and “health insurance coverage” have the meanings given such terms under section 300gg–91 of this title, and the term “medicare supplemental policy” has the meaning given such term in section 1395ss(g) of this title.
The term “HIPAA privacy regulation” means the regulations promulgated by the Secretary under this part and section 264 of the Health Insurance Portability and Accountability Act of 1996 (42 U.S.C. 1320d–2 note).
The revisions under subsection (a) shall be made by notice in the Federal Register published not later than 60 days after May 21, 2008, and shall be effective upon publication, without opportunity for any prior public comment, but may be revised, consistent with this section, after opportunity for public comment.
In addition to any other sanctions or remedies that may be available under law, a covered entity that is a group health plan, health insurance issuer, or issuer of a medicare supplemental policy and that violates the HIPAA privacy regulation (as revised under subsection (a) or otherwise) with respect to the use or disclosure of genetic information shall be subject to the penalties described in sections 1320d–5 and 1320d–6 of this title in the same manner and to the same extent that such penalties apply to violations of this part.