Content about HIPAA Security Rule safeguards and workforce training.
In February 2024, OCR settled with a healthcare provider for $480,000 after investigators found the organization had never conducted a comprehensive risk analysis — a
In December 2023, HHS published a Notice of Proposed Rulemaking (NPRM) that represents the most significant update to the HIPAA Security Rule since its original
In February 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to encrypt protected health information
In 2023, a regional health system paid $850,000 to settle an OCR investigation that traced a data breach back to a single unsecured text
In 2023, OCR settled with a dental practice in New England for $50,000 — not because of a sophisticated cyberattack, but because the organization couldn&
In 2023, OCR settled with a Louisiana medical group for $480,000 after an investigation revealed — among other failures — that the organization had never implemented
When OCR settled with a Florida dental practice for $62,500 in 2023, the root cause wasn't a sophisticated cyberattack or a rogue
In 2023, OCR settled with a Louisiana medical group for $480,000 after a breach investigation revealed the organization had never implemented a workforce training
In 2023, OCR settled with a Louisiana medical group for $480,000 after a former employee accessed patient records without authorization for months — and no
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affected nearly 3 million individuals. The investigation revealed longstanding failures
Every month, OCR receives complaints about protected health information sent via unsecured text messages — a nurse texting a patient's lab results to a
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting over 2.81 million individuals exposed systemic failures in
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.