Office for Civil Rights HIPAA enforcement actions, investigations, and compliance strategies
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole electronic protected health information (ePHI) of
In 2023, OCR settled with a health system for $40,000 after the organization failed to provide a patient timely access to her own medical
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting over 2.81 million individuals exposed systemic failures in
A hospital's HR department shared an employee's sick leave records with a manager, and the employee filed a complaint with the
In 2023, OCR settled with a health system for $1.25 million after discovering that the organization had allowed a vendor to access protected health
In 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed critical failures across multiple HIPAA
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affected nearly 3 million patients — the result of insufficient access
In February 2011, a major health system paid $4.3 million to settle with the Office for Civil Rights after stolen laptops exposed the electronic
In 2023, the Office for Civil Rights (OCR) settled or imposed penalties in cases totaling over $4 million — all stemming from organizations that failed to
In February 2011, Massachusetts General Hospital paid $1 million to settle HIPAA violations involving the loss of protected health information for 192 patients. What made
In February 2011, Cignet Health of Prince George's County, Maryland received a $4.3 million civil money penalty from the Office for Civil
When Advocate Medical Group paid $5.55 million to settle HIPAA violations in 2016, the penalty wasn't calculated under the original 1996 HIPAA
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.