Office for Civil Rights HIPAA enforcement actions, investigations, and compliance strategies
In 2023, OCR settled with a Florida dental practice for $30,000 after an investigation revealed that multiple workforce members had never received HIPAA training
In 2024, a regional pharmacy chain paid $1.5 million to settle allegations with the HHS Office for Civil Rights after workforce members improperly accessed
In 2023, OCR settled with a Florida-based medical practice for $30,000 after an investigation revealed that multiple workforce members had never completed HIPAA training
When OCR settled with a Florida dental practice for $62,500 in 2023, the root cause wasn't a sophisticated cyberattack or a rogue
In 2023, OCR settled with a Louisiana medical group for $480,000 after a breach investigation revealed the organization had never implemented a workforce training
In 2023, OCR settled with a dental practice in New England for $23,000 after an investigation revealed that not a single member of the
In 2023, OCR settled with a Louisiana medical group for $480,000 after a former employee accessed patient records without authorization for months — and no
In 2023, a mid-size California medical group agreed to a $240,000 settlement with OCR after an employee accessed patient records without authorization for over
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affected nearly 3 million individuals. The investigation revealed longstanding failures
What Real HIPAA Violation Lawsuit Cases Reveal About Enforcement Priorities In February 2023, OCR announced a $1.3 million settlement with Banner Health after a
In 2023, a hospital system in the Midwest terminated a compliance analyst who reported suspected HIPAA violations to the Office for Civil Rights. The organization
Every week, OCR receives complaints from patients whose protected health information was mishandled by organizations that believed they were compliant — but had fundamental gaps in
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.