A collection of 170 posts
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed systemic failures in risk
In 2023, OCR settled with a dental practice in New England for $350,000 after an investigation revealed that staff members had been sharing patient
In February 2024, OCR settled with a dental practice for $70,000 after an employee disclosed a patient's treatment information on social media.
In February 2024, OCR settled with a Louisiana medical group for $480,000 after determining that the organization had failed to provide patients timely access
In February 2024, a dental practice in New England received a $50,000 penalty from the HHS Office for Civil Rights after an employee texted
When OCR settled with Banner Health for $1.25 million in 2023, the core finding was painfully familiar: the organization had failed to conduct an
In 2024, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed the organization had no policies implementing the Privacy
In 2023, CMS published over 12.9 billion dollars in physician payment data through the Open Payments database — the public-facing arm of the Sunshine Act.
In February 2024, OCR settled with a Louisiana medical group for $480,000 after the office failed to provide a patient timely access to her
In 2023, OCR settled with a dental practice in New England for $23,000 after an investigation revealed the organization had disclosed patient appointment information
In 2023, OCR settled with a dental practice for $350,000 after the organization disclosed patient records to a third-party marketing firm without authorization — largely
In 2023, a specialty clinic in the Southeast agreed to a six-figure settlement with OCR after routinely disclosing patient records to a marketing firm — without
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.