HIPAA Privacy Rule

HIPAA Rights

HIPAA Rights Violation: What OCR Enforces and How to Comply

In 2019, OCR launched its HIPAA Right of Access Initiative — and since then, it has settled more than 45 enforcement actions specifically targeting organizations that

May 3, 2025

HIPAA Rules and Compliance

HIPAA Rules and Compliance: What Enforcement Data Reveals

In January 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to conduct an enterprise-wide risk

May 3, 2025

HIPAA Privacy Rule

HIPAA Rules Are Divided Into 2 Sections: Privacy and Security

When OCR settled with Premera Blue Cross for $6.85 million in 2020, the enforcement action didn't hinge on a single failure. Investigators

May 3, 2025

HIPAA Social Media Rules

HIPAA Social Media Rules: What Your Workforce Must Know

In 2022, a Texas dental practice paid a $10,000 settlement after a staff member responded to a negative online review by disclosing the patient&

Feb 28, 2025

HIPAA Telehealth Requirements

HIPAA Telehealth Requirements Your Organization Must Meet

When OCR announced in late 2024 that the pandemic-era telehealth enforcement discretion would not be extended indefinitely, hundreds of healthcare organizations suddenly realized they had

Feb 23, 2025

HIPAA Teletherapy

HIPAA Teletherapy Compliance Guidelines for 2025

When OCR settled with a behavioral health provider in 2023 for $125,000 after a therapist conducted sessions over a consumer-grade video platform without a

Feb 23, 2025

HIPAA Violation

HIPAA Violation in Healthcare: What Triggers OCR Action

In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million patients. The root cause wasn'

Jan 27, 2025

HIPAA Violations

HIPAA Violations List: The Most Common Failures in 2024

In February 2024, OCR settled with a healthcare provider for $4.75 million after an investigation revealed systemic failures across nearly every major HIPAA requirement

Nov 26, 2024

HIPAA Privacy Rule

HIPAA's Privacy Rule: What Your Organization Gets Wrong

In 2023, OCR settled with a dental practice for $350,000 after investigators found the organization had been disclosing patient records to a third-party marketing

Nov 26, 2024

HIPAA Agreement

HIPAA Agreement Requirements Every Organization Must Follow

In 2024, OCR settled with a New England dermatology practice for $300,000 after discovering that protected health information had been disclosed to a vendor

Nov 26, 2024

HIPAA Rules

HIPPA Rules and Regulations: What You Actually Need to Know

In 2023, OCR settled with Doctors' Management Services for $100,000 after a ransomware attack exposed the protected health information of over 206,000

Nov 15, 2024

HIPAA Patient Identifiers

How Many Patient Identifiers Are Required by HIPAA

A behavioral health clinic in Connecticut received a $125,000 penalty from OCR after disclosing a spreadsheet of patient data that staff believed was "

Jul 7, 2024