A collection of 182 posts
When OCR investigated Premera Blue Cross in 2020, the resulting $6.85 million settlement exposed failures across every category of protection the HIPAA Security Rule
In 2023, OCR settled with a dental practice for $350,000 after investigators discovered the organization had no written security policies, no risk analysis, and
In February 2023, OCR settled with a healthcare provider for $1.25 million after investigators found failures spanning all three HIPAA rules — inadequate safeguards for
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA
In 2022, CMS reported over $12.59 billion in payments from drug and device manufacturers to physicians and teaching hospitals through the Open Payments database
In February 2023, OCR settled with a dental practice in New England for $30,000 after investigators found the organization had no written HIPAA policies,
In February 2024, OCR settled with a Louisiana medical group for $480,000 after a phishing attack exposed the protected health information of over 34,
In 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed critical failures across multiple HIPAA
In 2023 alone, the HHS Office for Civil Rights (OCR) settled or imposed penalties in dozens of enforcement actions totaling tens of millions of dollars
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to conduct an enterprise-wide risk analysis — a core
In February 2023, the Office for Civil Rights (OCR) announced a $1.3 million settlement with a health plan that failed to provide timely access
In 2023, OCR settled with a health system for $1.3 million after investigators found the organization had failed to implement basic access controls on
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.