Content about HIPAA Security Rule safeguards and workforce training.
In February 2023, OCR settled with a health system for $1.25 million after investigators found a fundamental gap: the organization had never conducted a
In January 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to conduct an enterprise-wide risk
When OCR settled with Premera Blue Cross for $6.85 million in 2020, the enforcement action didn't hinge on a single failure. Investigators
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found the organization had no process for identifying or responding to
In 2023, OCR settled with a healthcare provider for $1.3 million after an investigation revealed the organization had failed to implement even basic technical
When OCR settled with Premera Blue Cross for $6.85 million in 2020, the root cause wasn't a single missing firewall or an
In 2023, a dental practice in Texas paid a $50,000 settlement after a staff member texted a patient's diagnosis and insurance details
In January 2025, HHS confirmed that the temporary telehealth enforcement discretion introduced during the COVID-19 public health emergency has ended. That means every healthcare organization
When OCR announced in late 2024 that the pandemic-era telehealth enforcement discretion would not be extended indefinitely, hundreds of healthcare organizations suddenly realized they had
When OCR settled with a behavioral health provider in 2023 for $125,000 after a therapist conducted sessions over a consumer-grade video platform without a
In 2023, a small dental practice in Texas received a six-figure settlement demand from OCR after a patient complaint revealed staff were texting appointment details,
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million patients. The root cause wasn'
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.