HIPAA regulations, compliance requirements, and violation prevention
In 2023, a small dermatology practice in the Southeast received citations from both OSHA and OCR within the same quarter. The OSHA violation involved improper
In September 2023, OCR settled with a health plan for $40,000 after the organization failed to provide a patient with timely access to their
In 2023, OCR settled with a dental practice in New England for $50,000 after an investigation revealed that staff members were routinely sharing patient
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed systemic failures in risk
In 2023, OCR settled with a dental practice in New England for $350,000 after an investigation revealed that staff members had been sharing patient
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed that protected health information — including names, dates of
In February 2024, OCR settled with a dental practice for $70,000 after an employee disclosed a patient's treatment information on social media.
In February 2024, OCR settled with a Louisiana medical group for $480,000 after determining that the organization had failed to provide patients timely access
In February 2024, a dental practice in New England received a $50,000 penalty from the HHS Office for Civil Rights after an employee texted
In December 2023, HHS published a Notice of Proposed Rulemaking (NPRM) that would represent the most significant overhaul of the HIPAA Security Rule since its
When OCR settled with Banner Health for $1.25 million in 2023, the core finding was painfully familiar: the organization had failed to conduct an
In 2023, OCR settled with a healthcare provider for $1.3 million after an investigation revealed the organization had no encryption on portable devices, no
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.