A collection of 28 posts
The Hurricane That Exposed a Hospital's HIPAA Blind Spot In the aftermath of Hurricane Katrina, hospitals across the Gulf Coast scrambled to reunite
Last year, I watched a three-physician practice in the Midwest spend eleven months fighting an OCR investigation — without a lawyer for the first four. By
A nurse in Tennessee pulls up her ex-husband's medical records after a custody dispute. A front desk worker in Colorado texts a photo
A Nurse, a Hallway, and a $4.75 Million Settlement In 2021, a major health system paid $4.75 million to settle allegations from the
A Single Telehealth Claim Triggered a $1.5 Million Investigation A mid-size behavioral health practice in the Southeast thought they had telehealth billing figured out.
A hospital employee in South Carolina pulls up her ex-husband's medical record to see if he really went to that appointment he mentioned.
A receptionist at a New York City dental clinic mentioned a patient's upcoming root canal to the patient's coworker — casually, in
A Fax Machine, a $4.75 Million Penalty, and Why HIPAA Still Catches Organizations Off Guard In 2020, a large health system called Premera Blue
A Single Fax Machine Cost This Hospital $4.8 Million In 2019, a fax at NewYork-Presbyterian Hospital sent a patient's PHI to the
In 2023, OCR settled with a Louisiana medical group for $480,000 after a HIPAA security incident involving a stolen unencrypted laptop — an incident the
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found the organization had no process for identifying or responding to
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee sold protected health information of over 12,
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.