HIPAA Rules
What Are the 3 Rules of HIPAA? A Plain-English Guide
A small dermatology practice in Connecticut thought they had HIPAA covered. They had a privacy notice on their website and a shredder in the back
Tag
Breach Notification Rule
A collection of 24 posts
HIPAA Breach
Definition of HIPAA Breach: What Actually Triggers One
A Stolen Laptop, a Missing Exception, and a $3 Million Problem In 2018, the University of Texas MD Anderson Cancer Center lost an unencrypted laptop
PHI Breach Reporting
When Must PHI-Related Breaches Be Reported? Deadlines
A Hospital Waited 101 Days. It Cost Them $4.8 Million. In 2019, Presence Health agreed to a $475,000 settlement with the Office for
HIPAA in a Nutshell
HIPAA in a Nutshell: What Every Healthcare Org Must Know
In 2023 alone, OCR settled or imposed civil money penalties in cases totaling over $4 million — and the majority involved failures that any organization with
HIPAA Omnibus Final Rule
HIPAA Omnibus Final Rule: What It Changed and Why It Still Matters
When OCR announced a $4.8 million settlement with New York-Presbyterian Hospital and Columbia University in 2014, the enforcement action underscored a regulatory landscape that
HIPAA Violation Penalty
HIPAA Violation Penalty Tiers Explained for 2024
In October 2023, OCR settled with a healthcare system in Louisiana for $480,000 after a phishing attack compromised the protected health information of over
HITECH Act
HITECH Act Summary: What Covered Entities Must Know
When OCR levied a $4.3 million settlement against MD Anderson Cancer Center in 2018 for unencrypted devices containing protected health information, the enforcement authority
HITECH Act
Purpose of the HITECH Act: What It Means for HIPAA
In February 2011, Cignet Health of Prince George's County, Maryland, received a $4.3 million civil money penalty from the Office for Civil
HIPAA Rules
The Three Parts of HIPAA Are: What Every Organization Must Know
In 2023, OCR settled with a dental practice for $350,000 after investigators discovered the organization had no written security policies, no risk analysis, and
HIPAA Rules
Three HIPAA Rules Every Covered Entity Must Follow
In February 2023, OCR settled with a healthcare provider for $1.25 million after investigators found failures spanning all three HIPAA rules — inadequate safeguards for
HIPAA Rules
Three Primary Rules of HIPAA: What Your Organization Must Know
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA
HIPAA Components
What Are the 5 Main Components of HIPAA?
In 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals revealed failures across multiple HIPAA requirements