OCR Enforcement

Notice of Privacy Practices

Notice of Privacy Practices Definition: What HIPAA Requires

In 2022, OCR settled with a dental practice in North Carolina for $50,000 — not because of a data breach, but because the practice failed

Apr 21, 2024

Notice of Privacy Practices

Notice of Privacy Practices Meaning Explained for 2024

In 2022, OCR settled with a dental practice in Georgia for $62,500 — not because of a data breach, but because the practice failed to

Apr 21, 2024

Online HIPAA Training

Online HIPAA Training Programs: What Actually Works

In 2023, OCR settled with a Florida-based dental practice for $30,000 after an investigation revealed the organization had never implemented formal workforce training — despite

Mar 7, 2024

OSHA for Healthcare

OSHA for Healthcare: Where Worker Safety Meets HIPAA

When an OSHA inspector walks into your clinic requesting access to employee medical records, exposure logs, and workplace injury documentation, your compliance team faces a

Mar 7, 2024

OSHA

OSHA in Dental Office: Where HIPAA Compliance Overlaps

In 2023, a dental practice in the Southeast received citations from both OSHA and OCR within the same six-month window. The OSHA inspection uncovered improperly

Mar 7, 2024

OSHA Medical Training

OSHA Medical Training and HIPAA: What You Must Know

When a healthcare clinic in the Midwest received citations from both OSHA and OCR within the same quarter, leadership realized something that too many organizations

Jan 18, 2024

Patient Health Information

Patient Health Information PHI: What Counts and What Doesn't

In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient health information PHI to a

Jan 18, 2024

Patient Identifiers

Patient Identifiers HIPAA: The 18 Elements You Must Protect

In 2023, a mid-sized hospital system paid $1.3 million to settle with OCR after a researcher published a dataset they believed was "anonymized&

Jan 18, 2024

HIPAA Penalties

Penalties for Non-Compliance HIPAA Types Explained

In October 2023, OCR settled with a Louisiana medical group for $480,000 after a phishing attack exposed the protected health information of over 34,

Jan 18, 2024

HIPAA Penalties

Penalties for Non-Compliance with HIPAA: 2024 Guide

In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed catastrophic failures in risk

Jan 15, 2024

PHI Authorization

PHI Authorization: What Your Forms Must Include

In 2023, OCR settled with a health system that had been using an outdated authorization form for nearly four years — one that failed to include

Jan 15, 2024

PHI

PHI HIPAA Compliance: Protecting Health Data in 2024

In February 2024, OCR announced a $4.75 million settlement with a nonprofit health system that failed to conduct an enterprise-wide risk analysis — leaving the

Jan 15, 2024