HIPAA Login
HIPAA Login Requirements: Securing Access to PHI
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found that a former employee's HIPAA login credentials remained
Tag
HIPAA Security Rule
Content about HIPAA Security Rule safeguards and workforce training.
HIPAA Policy for Employees
HIPAA Policy for Employees: What Your Workforce Needs
In 2023, OCR settled with a covered entity for $40,000 after a former employee accessed patient records without authorization — months after leaving the organization.
HIPAA Policy Templates
HIPAA Policy Templates Free: Why Free Isn't Compliant
In 2023, a small specialty clinic in the Southeast received a corrective action plan from OCR after a breach investigation revealed that their "policies
HIPAA Security Officer Training
HIPAA Security Officer Training: What Your Role Demands
In 2023, OCR settled with a small health plan in Louisiana for $55,000 after an investigation revealed the organization had never designated a security
HIPAA Security Rule
HIPAA Security Policy Template: Build One That Works
When OCR investigated Anchorage Community Mental Health Services in 2014, the resulting $150,000 settlement wasn't triggered by a sophisticated cyberattack. It was
HIPAA Security Rule
HIPAA Standards for Security: What OCR Expects in 2024
In February 2024, OCR settled with a healthcare provider for $480,000 after investigators found the organization had never conducted a comprehensive risk analysis — a
HIPAA Technology Rule
HIPAA Technology Rule: What Healthcare Orgs Must Know
In December 2023, HHS published a Notice of Proposed Rulemaking (NPRM) that represents the most significant update to the HIPAA Security Rule since its original
HIPAA Technology Rules
HIPAA Technology Rules: What Your Organization Must Know
In February 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to encrypt protected health information
HIPAA Text Messages
HIPAA Text Messages: Rules for Texting PHI Securely
In 2023, a regional health system paid $850,000 to settle an OCR investigation that traced a data breach back to a single unsecured text
HIPAA Training
HIPAA Training Certification Online: What Actually Counts
In 2023, OCR settled with a dental practice in New England for $50,000 — not because of a sophisticated cyberattack, but because the organization couldn&
HIPAA Training
HIPAA Training Classes: What Your Workforce Actually Needs
In 2023, OCR settled with a Louisiana medical group for $480,000 after an investigation revealed — among other failures — that the organization had never implemented
HIPAA Training
HIPAA Training Programs: What OCR Expects in 2024
When OCR settled with a Florida dental practice for $62,500 in 2023, the root cause wasn't a sophisticated cyberattack or a rogue