A collection of 42 posts
In 2022, OCR settled with a dental practice in Georgia for $62,500 — not because of a data breach, but because the practice failed to
In 2023, OCR settled with a health system that had been using an outdated authorization form for nearly four years — one that failed to include
In 2023, OCR settled with a health system for $40,000 after it failed to provide a patient timely access to her own medical records
In 2023, a mid-sized hospital system in the Midwest paid $125,000 to settle an OCR investigation after it disclosed patient records based on an
In 2023, OCR settled with a New England dermatology practice for $300,640 after the organization failed to provide a patient timely access to their
In 2023, a dental practice in New England paid a $50,000 settlement to OCR after a patient filed a complaint alleging the practice refused
In 2023, OCR settled with a dental practice in New England for $50,000 after it failed to provide a patient with a copy of
In 2023, OCR settled with a health system for $40,000 after the organization failed to provide a patient timely access to her own medical
In 2024, Kaiser Permanente disclosed that a tracking technology breach potentially exposed the protected health information of 13.4 million individuals — one of the largest
In 2023, OCR settled with a New England dermatology practice for $300,640 after it disclosed a patient's protected health information to a
In 2022, a small dental practice in the Southeast received a corrective action letter from the Office for Civil Rights (OCR) after a patient complaint
In 2023, OCR settled with Yakima Valley Memorial Hospital for $240,000 after 23 security guards were found snooping through patient medical records without a
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.