Covered Entity

HIPAA Privacy Rule

Who Is Required to Comply with the HIPAA Privacy Rule

In 2023, OCR settled with a dental practice in New England for $50,000 after finding it had no policies implementing the Privacy Rule — despite

Dec 14, 2022

HIPAA Rules

5 Rules of HIPAA: What Every Covered Entity Must Know

In 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA requirements

Dec 13, 2022

Administrative Simplification

Administrative Simplification HIPAA: What It Means

When OCR settled with Anthem Inc. for $16 million in 2018 — the largest HIPAA settlement in history at that time — the enforcement action didn'

Dec 13, 2022

American Health Training HIPAA

American Health Training HIPAA: What You Need to Know

In February 2024, OCR settled with a healthcare system for $480,000 after investigators found that workforce members had never completed HIPAA training — despite handling

Dec 13, 2022

HIPAA Training

CEDR HIPAA Training: What You Need to Know in 2024

When OCR investigated a small dental practice in 2023 for an impermissible disclosure of protected health information, the first document they requested was proof of

Oct 25, 2022

CMS HIPAA Training

CMS HIPAA Training: What Healthcare Organizations Must Know

In 2023, OCR settled with a covered entity for $1.3 million after investigators discovered that workforce members had never received adequate HIPAA training — despite

Oct 25, 2022

HIPAA Complaints

How to Contact HIPAA: Filing Complaints and Getting Help

In 2023, the Office for Civil Rights (OCR) received over 32,000 complaints alleging HIPAA violations — and resolved the vast majority through investigation, corrective action,

Sep 3, 2022

Elements of PHI

Elements of PHI: What Qualifies as Protected Health Information

In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient names, treatment records, and Social

Sep 3, 2022

Fraud Abuse and Waste

Fraud Abuse and Waste in Healthcare: HIPAA's Role

In 2023, the Department of Justice recovered over $2.68 billion in settlements and judgments related to healthcare fraud. Behind nearly every one of those

Jun 13, 2022

HIPAA Release Form

Generic HIPAA Release Form: What You Must Know

In 2023, OCR settled with a healthcare provider for $50,000 after determining that the organization had disclosed protected health information using an authorization form

Jun 13, 2022

Google Workspace HIPAA

Google Workspace HIPAA Compliant Cost: What You'll Pay

When OCR investigated a small medical practice in 2023 for storing patient records in a consumer Gmail account without a Business Associate Agreement, the practice

Apr 28, 2022

HB 300 Texas

HB 300 Texas: What It Means for HIPAA Compliance

When a Texas-based hospital system was fined by the state attorney general for failing to train its workforce on state-specific privacy requirements, the organization'

Apr 28, 2022