Content about HIPAA Security Rule safeguards and workforce training.
In December 2022, OCR issued a bulletin that sent shockwaves through the healthcare industry. The agency confirmed that common website tracking technologies — pixels, session replay
In 2023, a mid-sized cardiology practice in Texas received an OCR investigation request following a patient complaint. The issue wasn't a data breach
In 2019, a Texas dental practice paid $10,000 to settle potential HIPAA violations after OCR investigated an impermissible disclosure of a patient's
In 2023, a mid-sized health plan paid over $1.2 million in a settlement with the HHS Office for Civil Rights after failing to produce
In 2022, OCR investigated a small dental practice in North Carolina that had failed to provide patients with a Notice of Privacy Practices for over
In 2023, OCR settled with a healthcare system for $1.25 million after investigators discovered that an IT department had failed to implement adequate access
In 2022, a small dental practice in North Carolina agreed to a $50,000 settlement with the Office for Civil Rights (OCR) after a patient
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found that a former employee's HIPAA login credentials remained
In 2023, OCR settled with a covered entity for $40,000 after a former employee accessed patient records without authorization — months after leaving the organization.
In 2023, a small specialty clinic in the Southeast received a corrective action plan from OCR after a breach investigation revealed that their "policies
In 2023, OCR settled with a small health plan in Louisiana for $55,000 after an investigation revealed the organization had never designated a security
When OCR investigated Anchorage Community Mental Health Services in 2014, the resulting $150,000 settlement wasn't triggered by a sophisticated cyberattack. It was
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.