HIPAA
HIPAA in 2026: What Every Covered Entity Must Do Now
A $4.75 Million Wake-Up Call That Should Have Changed Everything In February 2017, Memorial Healthcare System paid $5.5 million to the U.S.
Tag
OCR Enforcement
Office for Civil Rights HIPAA enforcement actions, investigations, and compliance strategies
Minimum Necessary Rule
What Is the Minimum Necessary Requirement for PHI?
A hospital employee in Texas pulls up a patient's full medical record to verify an insurance code. She only needs the diagnosis and
HIPAA Training
HIPPA Course? Why the Misspelling Costs More Than You Think
The Typo That Reveals a Bigger Problem Every month, thousands of people search for a "hippa course." I know because I watch the
HIPAA Certification
HIPAA Certification: What It Actually Means in 2026
Last month, a practice manager in Phoenix emailed me a certificate she'd earned from an online course. It had a gold seal, an
HIPAA Risk Assessment
Annual HIPAA Risk Assessment: What Most Orgs Get Wrong
A $4.75 Million Wake-Up Call That Started With a Checkbox In 2023, Banner Health paid $1.25 million to settle with OCR after investigators
HIPAA Authorization
What Is a HIPAA Authorization? A Plain-English Guide
A surgeon's office in Texas faxed a patient's entire psychiatric history to a life insurance company. The patient hadn't
Electronic Health Records
Electronic Health Records HIPAA Compliance in 2026
A single misconfigured EHR server exposed the protected health information of 3.9 million patients at Advocate Medical Group — and cost the organization $5.55
HIPAA NPP
HIPAA NPP: The Notice Your Patients Deserve Right
That Clipboard Form Nobody Reads Could Cost You Six Figures Here's a scene I've witnessed dozens of times: a patient walks
HIPAA Training
HIPAA Training Free Options: What You Actually Get
That "No-Cost" HIPAA Course Could Cost You $1.5 Million A pediatric nonprofit in Idaho thought they'd checked the box. They
PHI HIPAA Meaning
PHI HIPAA Meaning: What Counts as Protected Data
A $4.3 Million Mistake Started with One Misunderstood Spreadsheet In 2016, the University of Texas MD Anderson Cancer Center lost an unencrypted laptop and
HIPAA Compliance
HIPAA Compliance for Telemedicine Apps in 2026
A therapist in Ohio logs into a video platform, greets her patient, and starts a session about suicidal ideation. The session is encrypted in transit
Protected Health Information
Which of the Following Is Protected Health Information?
A front-desk employee at a cardiology clinic in Texas faxed a patient's billing statement to the wrong number. The document included a name,