A collection of 27 posts
The Vendor That Cost a Health Plan $4.3 Million In 2016, Advocate Health Care Network agreed to pay $5.55 million to settle multiple
A few years ago, I got a call from the CEO of a mid-sized billing company. His team had been processing claims for a hospital
A Psychiatrist Hit "Start Meeting" and Everything Went Wrong A behavioral health provider in the Midwest was using Zoom for patient sessions throughout
The Downstream Liability Most Business Associates Overlook In 2023, OCR settled with a medical transcription company for over $100,000 after a breach traced not
In January 2025, HHS confirmed that the temporary telehealth enforcement discretion introduced during the COVID-19 public health emergency has ended. That means every healthcare organization
In 2024, OCR settled with a New England dermatology practice for $300,000 after discovering that protected health information had been disclosed to a vendor
In 2022, OCR settled with a health plan for $875,000 after an investigation revealed that protected health information stored in a cloud environment lacked
In early 2023, a small behavioral health practice in the Midwest contacted me after receiving a patient complaint. A clinician had been conducting therapy sessions
In 2016, OCR settled with North Memorial Health Care of Minnesota for $1.55 million after determining that a business associate had provided PHI access
In 2023, OCR settled with a health system for $1.25 million after discovering that the organization had allowed a vendor to access protected health
In June 2023, OCR settled with a dental management company for $350,000 after discovering it had allowed a business associate to access protected health
In 2023, OCR settled with a business associate that failed to ensure its subcontractors had proper safeguards in place for protected health information. The penalty
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.