Business Associate Agreement

Business Associate HIPAA Agreement: What Must Be Included

In September 2023, OCR settled with a health system for $1.3 million after investigators found the organization had allowed a vendor to access protected

Oct 28, 2022

Business Associate

Business Associate HIPAA Compliance: What CEs Must Enforce

In June 2023, OCR settled with a business associate — a medical records management company — for $75,000 after a breach exposed the protected health information

Oct 25, 2022

Business Associate Agreement

Business Associates Agreement HIPAA: What You Must Include

In 2024, OCR settled with a New England dermatology practice for $300,000 after an investigation revealed it had allowed a business associate to access

Oct 25, 2022

Business Associates

Business Associates Must Comply with the HIPAA Privacy Standards

In 2023, OCR settled with a business associate — a medical records management company — for $100,000 after an investigation revealed failures to safeguard protected health

Oct 25, 2022

HIPAA Compliant Email

Compliant Email: HIPAA Rules for Sending PHI Securely

In 2023, OCR settled with a healthcare provider for over $100,000 after an investigation revealed that staff routinely sent unencrypted emails containing protected health

Sep 3, 2022

G Suite HIPAA

G Suite HIPAA Compliance: What Your Organization Must Do

In 2024, OCR settled a case with a healthcare provider that had been storing patient records in a cloud-based email platform — without a signed Business

Jun 13, 2022

Google Workspace HIPAA

Google Workspace HIPAA Compliant Cost: What You'll Pay

When OCR investigated a small medical practice in 2023 for storing patient records in a consumer Gmail account without a Business Associate Agreement, the practice

Apr 28, 2022

HIPAA Compliance

HIPAA Compliance Checklist for Business Associates

In 2024, OCR settled with a medical transcription company for $1.2 million after a breach investigation revealed the business associate had never conducted a

Mar 24, 2022

HIPAA Compliance

HIPAA Compliance G Suite: What You Must Configure

In 2023, OCR settled with a healthcare provider for over $1.25 million after an investigation revealed that protected health information was being shared through

Feb 28, 2022

HIPAA Compliance

HIPAA Compliant Cloud Provider: What You Must Verify

In 2022, OCR settled with a health plan for $1.25 million after an investigation revealed that the organization had migrated protected health information to

Feb 28, 2022

HIPAA Compliant Tracking

HIPAA Compliant Tracking: What Covered Entities Must Know

In December 2022, OCR issued a bulletin that sent shockwaves through the healthcare industry. The agency confirmed that common website tracking technologies — pixels, session replay

Feb 19, 2022

HIPAA BAA

HIPAA BAA: What Every Covered Entity Must Get Right

In 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found that protected health information had been disclosed to a

Jan 3, 2021

Business Associate Agreement

Ready to Simplify HIPAA Compliance?