HIPAA Security Rule

Business Associate Agreement

Business Associates Agreement HIPAA: What You Must Include

In 2024, OCR settled with a New England dermatology practice for $300,000 after an investigation revealed it had allowed a business associate to access

Oct 25, 2022

CMS HIPAA Training

CMS HIPAA Training: What Healthcare Organizations Must Know

In 2023, OCR settled with a covered entity for $1.3 million after investigators discovered that workforce members had never received adequate HIPAA training — despite

Oct 25, 2022

HIPAA Compliant Email

Compliant Email: HIPAA Rules for Sending PHI Securely

In 2023, OCR settled with a healthcare provider for over $100,000 after an investigation revealed that staff routinely sent unencrypted emails containing protected health

Sep 3, 2022

EHR and HIPAA Compliance

EHR and HIPAA Compliance: What Your Organization Must Get Right

In 2023, OCR settled with a healthcare system for $1.3 million after an investigation revealed that a former employee had accessed over 2,700

Sep 3, 2022

Elements of HIPAA

Elements of HIPAA: The Core Rules Every Organization Must Know

In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed systemic failures across multiple

Sep 3, 2022

HIPAA Compliance

Essential Part of HIPAA Compliance Most Organizations Miss

In 2023, OCR settled with a solo dental practice in New England for $30,000—not because of a massive data breach, but because the

Jul 18, 2022

G Suite HIPAA

G Suite HIPAA Compliance: What Your Organization Must Do

In 2024, OCR settled a case with a healthcare provider that had been storing patient records in a cloud-based email platform — without a signed Business

Jun 13, 2022

Healthcare EDI Training

Healthcare EDI Training: A HIPAA Compliance Priority

In 2023, a mid-size health plan received a corrective action from OCR after an investigation revealed that staff responsible for processing electronic claims had never

Apr 28, 2022

HIPAA Violations

Healthcare HIPAA Violations: What Triggers OCR Enforcement

In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a workforce member stole protected health information (PHI) of over

Apr 28, 2022

HHS HIPAA Training

HHS HIPAA Training: What Your Organization Must Know

In February 2024, OCR settled with a Louisiana medical group for $480,000 after an investigation revealed — among other failures — that the organization had never

Apr 28, 2022

Business Associates

HIPAA Awareness Training for Business Associates: Requirements

In 2024, OCR settled with a business associate — a medical transcription company — for $1.2 million after a breach investigation revealed that not a single

Apr 1, 2022

HIPAA Basic Rules

HIPAA Basic Rules Every Covered Entity Must Follow

In February 2024, OCR settled with a Louisiana medical group for $480,000 after investigators found the organization had failed to implement even the most

Apr 1, 2022