Enforcement Rule: Applies to Covered Entities Only? True or False
If you've encountered the question "the enforcement rule applies to covered entities only — true or false" on a compliance quiz, you
HIPAA regulations, compliance requirements, and violation prevention
If you've encountered the question "the enforcement rule applies to covered entities only — true or false" on a compliance quiz, you
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of 12,
In 2018, the University of Texas MD Anderson Cancer Center lost a $4.3 million appeal after OCR determined that three data breaches involving unencrypted
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed massive gaps in risk
In 2022, OCR settled with a dental practice for $25,000 after an investigation revealed the organization had disclosed an entire patient medical record to
In 2023, OCR settled with a covered entity for over $100,000 after an investigation revealed that employees were routinely accessing patient records unrelated to
In February 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found the organization had no policies implementing basic Privacy
When OCR investigated Premera Blue Cross in 2020, the resulting $6.85 million settlement exposed failures across every category of protection the HIPAA Security Rule
In 2023, OCR settled with a dental practice for $350,000 after investigators discovered the organization had no written security policies, no risk analysis, and
In February 2023, OCR settled with a healthcare provider for $1.25 million after investigators found failures spanning all three HIPAA rules — inadequate safeguards for
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA
In 2023, OCR investigated a mid-size hospital that suffered a breach traceable to a volunteer who accessed patient records without authorization. The hospital argued the
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.