A collection of 29 posts
In 2018, a medical billing company called Advanced Care Hospitalists paid $500,000 to settle with HHS after a business associate they'd hired
A cloud storage vendor loses a laptop containing 20,000 patient records. The hospital that hired them gets the breach notification letter. The vendor insists
The Vendor That Cost a Health Plan $4.3 Million In 2016, Advocate Health Care Network agreed to pay $5.55 million to settle multiple
A few years ago, I got a call from the CEO of a mid-sized billing company. His team had been processing claims for a hospital
A Psychiatrist Hit "Start Meeting" and Everything Went Wrong A behavioral health provider in the Midwest was using Zoom for patient sessions throughout
The Downstream Liability Most Business Associates Overlook In 2023, OCR settled with a medical transcription company for over $100,000 after a breach traced not
In January 2025, HHS confirmed that the temporary telehealth enforcement discretion introduced during the COVID-19 public health emergency has ended. That means every healthcare organization
In 2024, OCR settled with a New England dermatology practice for $300,000 after discovering that protected health information had been disclosed to a vendor
In 2022, OCR settled with a health plan for $875,000 after an investigation revealed that protected health information stored in a cloud environment lacked
In early 2023, a small behavioral health practice in the Midwest contacted me after receiving a patient complaint. A clinician had been conducting therapy sessions
In 2016, OCR settled with North Memorial Health Care of Minnesota for $1.55 million after determining that a business associate had provided PHI access
In 2023, OCR settled with a health system for $1.25 million after discovering that the organization had allowed a vendor to access protected health
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.