HIPAA Certify Blog (Page 36)

HIPAA Laws

What HIPAA Laws Protect and How to Stay Compliant

In January 2024, OCR settled with a New England dermatology practice for $300,000 after a breach exposed the electronic protected health information of nearly

Carl B. Johnson · Jan 4, 2022

HIPAA Letter

HIPAA Letter Requirements Every Covered Entity Must Know

In February 2024, OCR settled with a New York medical practice for $100,000 after the organization failed to provide a timely written response to

Carl B. Johnson · Jan 4, 2022

HIPAA Login

HIPAA Login Requirements: Securing Access to PHI

In 2023, OCR settled with a healthcare system for $1.3 million after investigators found that a former employee's HIPAA login credentials remained

Carl B. Johnson · Jan 4, 2022

HIPAA Mental Health Records

HIPAA Mental Health Records: Privacy Rules You Must Know

In 2022, OCR settled with a New England dermatology practice for $300,640 after a breach exposed patient records — including sensitive mental health information — that

Carl B. Johnson · Jan 4, 2022

HIPAA Need to Know

HIPAA Need to Know: The Minimum Necessary Standard

In 2023, OCR settled with a health system for $1.3 million after an investigation revealed that employees across multiple departments had unrestricted access to

Carl B. Johnson · Jan 4, 2022

HIPAA Omnibus Rule

HIPAA Omnibus Rule of 2013: What Still Applies Today

When OCR announced a $4.8 million settlement with New York-Presbyterian Hospital and Columbia University in 2014, it was one of the first major enforcement

Carl B. Johnson · Dec 31, 2021

HIPAA Paper Records

HIPAA Paper Records: Safeguards You Can't Ignore

In 2018, OCR settled with Filefax Inc. for $100,000 after the company left medical records — paper records containing protected health information — sitting in an

Carl B. Johnson · Dec 31, 2021

HIPAA Paperwork

HIPAA Paperwork: What Your Organization Actually Needs

When OCR investigators arrive at a covered entity's door — whether triggered by a patient complaint or a reported breach — the first thing they

Carl B. Johnson · Dec 4, 2021

HIPAA Patient Form

HIPAA Patient Form: What Your Practice Must Include

In January 2024, OCR settled with a dental practice in New England for $50,000 after investigators discovered the organization had been using a HIPAA

Carl B. Johnson · Dec 4, 2021

HIPAA Policy for Employees

HIPAA Policy for Employees: What Your Workforce Needs

In 2023, OCR settled with a covered entity for $40,000 after a former employee accessed patient records without authorization — months after leaving the organization.

Carl B. Johnson · Dec 4, 2021

HIPAA Policy

HIPAA Policy Sample: What Your Organization Actually Needs

When OCR investigated Anthem Inc. and imposed a record $16 million settlement in 2018, the enforcement action didn't just cite a data breach.

Carl B. Johnson · Dec 4, 2021

HIPAA Policy Templates

HIPAA Policy Templates Free: Why Free Isn't Compliant

In 2023, a small specialty clinic in the Southeast received a corrective action plan from OCR after a breach investigation revealed that their "policies

Carl B. Johnson · Dec 4, 2021

HIPAA Compliance Insights

What HIPAA Laws Protect and How to Stay Compliant

HIPAA Letter Requirements Every Covered Entity Must Know

HIPAA Login Requirements: Securing Access to PHI

HIPAA Mental Health Records: Privacy Rules You Must Know

HIPAA Need to Know: The Minimum Necessary Standard

HIPAA Omnibus Rule of 2013: What Still Applies Today

HIPAA Paper Records: Safeguards You Can't Ignore

HIPAA Paperwork: What Your Organization Actually Needs

HIPAA Patient Form: What Your Practice Must Include

HIPAA Policy for Employees: What Your Workforce Needs

HIPAA Policy Sample: What Your Organization Actually Needs

HIPAA Policy Templates Free: Why Free Isn't Compliant

Ready to Simplify HIPAA Compliance?