HIPAA requirements and training for business associates and third-party service providers
When the Cottage Health System paid $3 million to settle HIPAA violations in 2019, their breach affected over 62,000 patients — and a key finding
In 2023, OCR settled with a dental practice in New England for $350,000 after investigators discovered the organization had no written policies governing the
In March 2024, OCR settled with a healthcare provider for $950,000 after an investigation revealed the organization had failed to conduct a risk analysis
In 2023, OCR settled with a dental practice in New England for $50,000 — not because of a sophisticated cyberattack, but because the organization couldn&
In 2023, OCR settled with a Louisiana medical group for $480,000 after an investigation revealed — among other failures — that the organization had never implemented
When OCR settled with a Florida dental practice for $62,500 in 2023, the root cause wasn't a sophisticated cyberattack or a rogue
In 2023, OCR settled with a Louisiana medical group for $480,000 after a breach investigation revealed the organization had never implemented a workforce training
In 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found that protected health information had been disclosed to a
In early 2024, OCR settled with a healthcare clearinghouse for $1.4 million after an investigation revealed that workforce members had never completed meaningful HIPAA
In 2023, OCR settled with a dental practice for $350,000 after investigators found the organization had no documented HIPAA training program — despite operating for
In February 2024, a dental practice in New England received a $50,000 penalty from the HHS Office for Civil Rights after an employee texted
In 2016, OCR settled with a business associate for $650,000 after a subcontractor experienced a breach affecting over 11,000 patients — and no business
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.