In addition to any other sanctions or remedies that may be available under law, a covered entity that is a group health plan, health insurance issuer, or issuer of a medicare supplemental policy and that violates the HIPAA privacy regulation (as revised under subsection (a) or otherwise) with respect to the use or disclosure of genetic information shall be subject to the penalties described in sections
1320d–5 and
1320d–6 of this title in the same manner and to the same extent that such penalties apply to violations of this part.