HIPAA Compliance

HIPAA Privacy Rule

The Privacy Rule HIPAA: What Your Organization Must Do

In February 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found the organization had no policies implementing basic Privacy

Aug 30, 2023

HIPAA Security Rule

The Security Rule Requires Three Safeguards: What to Know

When OCR investigated Premera Blue Cross in 2020, the resulting $6.85 million settlement exposed failures across every category of protection the HIPAA Security Rule

Aug 30, 2023

HIPAA Rules

The Three Parts of HIPAA Are: What Every Organization Must Know

In 2023, OCR settled with a dental practice for $350,000 after investigators discovered the organization had no written security policies, no risk analysis, and

Aug 30, 2023

HIPAA Rules

Three HIPAA Rules Every Covered Entity Must Follow

In February 2023, OCR settled with a healthcare provider for $1.25 million after investigators found failures spanning all three HIPAA rules — inadequate safeguards for

Aug 30, 2023

HIPAA Rules

Three Primary Rules of HIPAA: What Your Organization Must Know

In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA

Jul 1, 2023

HIPAA Training

Training Requirements Include Volunteers Under the Direction of an Entity

In 2023, OCR investigated a mid-size hospital that suffered a breach traceable to a volunteer who accessed patient records without authorization. The hospital argued the

Jul 1, 2023

HIPAA Violations

Types of HIPAA Violations: A Breakdown for 2024

In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a workforce member stole the protected health information of over

Jul 1, 2023

PHI

Under HIPAA Law What Is the Best Description of PHI

In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient records without authorization — in part

Jul 1, 2023

Minimum Necessary Rule

Under HIPAA What Is the Minimum Necessary Rule?

In 2023, OCR settled with a covered entity for over $1.2 million after an investigation revealed that workforce members routinely accessed full patient records

Jul 1, 2023

US Sunshine Act

US Sunshine Act: What HIPAA Professionals Must Know

In 2022, CMS reported over $12.59 billion in payments from drug and device manufacturers to physicians and teaching hospitals through the Open Payments database

Jul 1, 2023

HIPAA Violations

Violating HIPAA Consequences: What Your Organization Risks

In February 2023, OCR announced a $1.3 million settlement with Banner Health after a data breach affecting nearly 3 million individuals. The root cause

Jul 1, 2023

HIPAA Violations

Violation of HIPAA Cases: Lessons from Recent Enforcement

In February 2023, OCR announced a $1.3 million settlement with Banner Health after a breach affecting nearly 3 million individuals exposed catastrophic failures in

Jul 1, 2023