Office for Civil Rights HIPAA enforcement actions, investigations, and compliance strategies
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a workforce member stole the protected health information of over
In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient records without authorization — in part
In 2023, OCR settled with a major health plan for $1.3 million after an investigation revealed the plan had used enrollee protected health information
In 2023, OCR settled with a covered entity for over $1.2 million after an investigation revealed that workforce members routinely accessed full patient records
In 2022, CMS reported over $12.59 billion in payments from drug and device manufacturers to physicians and teaching hospitals through the Open Payments database
In February 2023, OCR announced a $1.3 million settlement with Banner Health after a data breach affecting nearly 3 million individuals. The root cause
In February 2023, OCR announced a $1.3 million settlement with Banner Health after a breach affecting nearly 3 million individuals exposed catastrophic failures in
In 2023, a dental practice in New England paid a $50,000 settlement to OCR after a patient filed a complaint alleging the practice refused
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed systemic failures in risk
In February 2023, OCR announced a $1.3 million settlement with Banner Health after a hacking incident exposed the protected health information of nearly 3
In 2023, the HHS Office for Civil Rights (OCR) settled or imposed penalties in cases totaling over $4 million — many involving organizations that simply failed
In 2023, the Office for Civil Rights (OCR) settled or imposed penalties in cases totaling over $4 million — many of which traced back to organizations
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.