Content about HIPAA Privacy Rule requirements and training.
Why a Single Patient Identifier Triggers Full HIPAA Protection In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation
In December 2023, OCR settled with a healthcare system for $480,000 after an investigation revealed workforce members had been emailing unencrypted patient information to
In December 2023, OCR issued its largest-ever HIPAA settlement — a $4.75 million penalty against Montefiore Medical Center after a workforce member stole protected health
Last year, a mid-size orthopedic practice in the Southeast received a medical records subpoena from an attorney involved in a personal injury lawsuit. The office
A mid-size hospital system in the Midwest allowed its entire billing department unrestricted access to complete patient medical records — including clinical notes, mental health histories,
In 2023, OCR settled a case with Yakima Valley Memorial Hospital for $240,000 after 23 security guards were found snooping through patient medical records
In 2022, OCR settled with a dental practice in New England for $50,000 — not because of a data breach, but because the practice failed
In 2022, OCR settled with a dental practice in North Carolina for $50,000 — not because of a data breach, but because the practice failed
In 2022, OCR settled with a dental practice in Georgia for $62,500 — not because of a data breach, but because the practice failed to
In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient health information PHI to a
In 2023, a mid-sized hospital system paid $1.3 million to settle with OCR after a researcher published a dataset they believed was "anonymized&
In 2023, OCR settled with a health system that had been using an outdated authorization form for nearly four years — one that failed to include
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.