Parts of HIPAA
Parts of HIPAA: A Practical Guide to Every Title
Most People Only Know Two of the Five Parts of HIPAA I was running a compliance workshop for a mid-size hospital system last year when
Tag
HIPAA Security Rule
Content about HIPAA Security Rule safeguards and workforce training.
HIPAA Rules and Regulations
HIPAA Rules and Regulations: What Actually Matters
A hospital employee in South Carolina pulls up her ex-husband's medical record to see if he really went to that appointment he mentioned.
Technical Safeguards HIPAA
Technical Safeguards HIPAA: What Most Orgs Get Wrong
In 2018, the University of Texas MD Anderson Cancer Center lost a $4.3 million appeal after OCR found that unencrypted laptops and thumb drives
HIPAA Security Rule
The HIPAA Security Rule Applies to Which of the Following?
A community hospital in Yakima, Washington lost an unencrypted laptop in 2013. That single device held the electronic protected health information of 524 patients. The
HIPAA Training
HIPAA Employee Training Requirements: What OCR Expects
In 2024, OCR settled with a healthcare provider for $40,000 after an investigation revealed that multiple workforce members had never received HIPAA training — despite
HIPAA in a Nutshell
HIPAA in a Nutshell: What Every Healthcare Org Must Know
In 2023 alone, OCR settled or imposed civil money penalties in cases totaling over $4 million — and the majority involved failures that any organization with
HIPAA Compliance
HIPAA in Health Care: What Every Organization Must Know
In February 2024, OCR announced a $4.75 million settlement with a hospital system that failed to conduct an enterprise-wide risk analysis — a requirement that
HIPAA IT Support
HIPAA IT Support: What Your Tech Team Must Get Right
In 2023, OCR settled with a healthcare system for $1.3 million after an investigation revealed that a single misconfigured server — one that the IT
HIPAA Log Retention
HIPAA Log Retention: What Your Organization Must Keep
When OCR investigated a midsize hospital system in 2023, investigators didn't just ask about the breach itself — they asked for six years of
HIPAA Mandate
HIPAA Mandate: What Your Organization Must Do Now
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of over
HIPAA New Rules
HIPAA New Rules: What Your Organization Must Do Now
In December 2023, the HHS Office for Civil Rights published a Notice of Proposed Rulemaking (NPRM) that would represent the most significant overhaul of the
HIPAA Omnibus Final Rule
HIPAA Omnibus Final Rule: What It Changed and Why It Still Matters
When OCR announced a $4.8 million settlement with New York-Presbyterian Hospital and Columbia University in 2014, the enforcement action underscored a regulatory landscape that