PHI
What Is PHI in Healthcare? A Compliance Guide
In 2023, OCR settled with a dental practice for $350,000 after it disclosed patient diagnoses in response to negative online reviews. The information shared
Tag
OCR Enforcement
Office for Civil Rights HIPAA enforcement actions, investigations, and compliance strategies
Protected Health Information
What Is Protected Health Information? Examples Every CE Needs
In 2023, a dental practice in New England paid a $50,000 settlement to the Office for Civil Rights after a workforce member posted a
Sensitive Health Information
What Is Sensitive Health Information Under HIPAA?
In 2023, OCR settled with a behavioral health provider for $1.25 million after the organization disclosed substance abuse treatment records without patient authorization. The
HIPAA Basics
What Is the Function of HIPAA? A Practical Guide
In 2023 alone, the HHS Office for Civil Rights (OCR) settled or imposed penalties in dozens of enforcement actions totaling tens of millions of dollars
HIPAA Basics
What Is the HIPAA? A Practical Compliance Guide
In February 2023, OCR settled with a dental practice in New England for $23,000 after a patient complaint revealed the organization had no written
HIPAA Compliance
What Is the HIPAA Compliance Framework? A Full Guide
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to conduct an enterprise-wide risk analysis — a core
HIPAA Privacy Rule
What Is the Privacy Rule Responsible for Protecting?
In 2023, OCR settled with Yakima Valley Memorial Hospital for $240,000 after 23 security guards were found snooping through patient medical records without a
HIPAA Security Rule
What Safeguards Does the HIPAA Security Rule Require?
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found the organization had failed to implement even basic safeguards for
HITECH Act
What Was the Primary Goal of the HITECH Act?
In 2009, the Department of Health and Human Services reported that fewer than 10% of U.S. hospitals had adopted even a basic electronic health
PHI
What's Considered PHI Under HIPAA: A Practical Guide
In 2023, OCR settled with a dental practice for $350,000 after an impermissible disclosure involving patient appointment data — information the practice didn't
HIPAA Violation
What's a HIPAA Violation? Real Examples and Penalties
In February 2023, OCR settled with Banner Health for $1.25 million after a phishing attack exposed the protected health information of nearly 3 million
HIPAA Privacy Rule
When Can a Covered Entity Disclose PHI Legally?
In 2023, OCR settled with a dental practice for $350,000 after the organization disclosed a patient's protected health information to a third-party