HIPAA Privacy Rule

HIPAA Privacy Rule

The Privacy Rule HIPAA: What Your Organization Must Do

In February 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found the organization had no policies implementing basic Privacy

Aug 30, 2023

PHI

Under HIPAA Law What Is the Best Description of PHI

In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient records without authorization — in part

Jul 1, 2023

HIPAA Payers

Under HIPAA Payers May Not Misuse PHI: Key Rules

In 2023, OCR settled with a major health plan for $1.3 million after an investigation revealed the plan had used enrollee protected health information

Jul 1, 2023

Minimum Necessary Rule

Under HIPAA What Is the Minimum Necessary Rule?

In 2023, OCR settled with a covered entity for over $1.2 million after an investigation revealed that workforce members routinely accessed full patient records

Jul 1, 2023

HIPAA Violations

Violating HIPAA Consequences: What Your Organization Risks

In February 2023, OCR announced a $1.3 million settlement with Banner Health after a data breach affecting nearly 3 million individuals. The root cause

Jul 1, 2023

HIPAA Violations

What Are Examples of HIPAA Violations? Real Cases

In February 2023, OCR announced a $1.3 million settlement with Banner Health after a hacking incident exposed the protected health information of nearly 3

Jun 19, 2023

Patient Rights

What Are the Six Patient Rights Under the Privacy Rule

In 2023, OCR settled with a dental practice in New England for $50,000 after it failed to provide a patient with a copy of

Jun 14, 2023

Patient Identifiers

What Are the Two Patient Identifiers for HIPAA?

In 2023, a mid-size hospital system received an OCR complaint after a front-desk employee released lab results to a caller who provided only a patient&

May 26, 2023

HIPAA Omnibus Rule

What Did the HIPAA Omnibus Rule Do? Key Changes

In January 2013, the Department of Health and Human Services published a final rule that fundamentally reshaped HIPAA enforcement — and many healthcare organizations are still

May 26, 2023

HIPAA Laws

What Do HIPAA Laws Protect? A Compliance Guide

In February 2024, OCR settled with a Louisiana medical group for $480,000 after a phishing attack exposed the protected health information of over 34,

May 26, 2023

Minimum Necessary Standard

What Does It Mean to Follow the Minimum Necessary Standard

In 2022, a specialty clinic in the Midwest disclosed an entire patient record — surgical history, psychiatric notes, billing details — to an employer conducting a routine

May 24, 2023

HIPAA Basics

What Does the Abbreviation HIPAA Mean? Purpose Explained

In 2023, OCR settled with a health system for $1.3 million after investigators found systemic failures in safeguarding patient records — failures that traced back

May 24, 2023