HIPAA regulations, compliance requirements, and violation prevention
When the Cottage Health System paid $3 million to settle HIPAA violations in 2019, their breach affected over 62,000 patients — and a key finding
In 2023, a mid-sized health plan paid $1.3 million to settle with OCR after a breach investigation revealed that staff had been sharing spreadsheets
In 2023, OCR settled with a health system for $1.3 million after an investigation revealed that employee spreadsheets containing patient names, dates of birth,
In 2023, OCR investigated a mid-sized hospital system that disclosed five years of patient records to a life insurance company based on an authorization form
In February 2024, OCR settled with a healthcare provider for $480,000 after investigators found the organization had failed to conduct a risk analysis, neglected
In February 2023, Banner Health agreed to a $1.25 million settlement with the Office for Civil Rights after a 2016 breach exposed the protected
In January 2024, OCR settled with a New England dermatology practice for $300,000 after a breach exposed the electronic protected health information of nearly
In February 2024, OCR settled with a New York medical practice for $100,000 after the organization failed to provide a timely written response to
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found that a former employee's HIPAA login credentials remained
In 2022, OCR settled with a New England dermatology practice for $300,640 after a breach exposed patient records — including sensitive mental health information — that
In 2023, OCR settled with a health system for $1.3 million after an investigation revealed that employees across multiple departments had unrestricted access to
When OCR announced a $4.8 million settlement with New York-Presbyterian Hospital and Columbia University in 2014, it was one of the first major enforcement
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.