A collection of 182 posts
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to implement even basic security measures after a
In 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found that protected health information had been disclosed to a
In 2023, OCR settled with a dental practice for $350,000 after investigators found the organization had no documented HIPAA training program — despite operating for
Every January, OCR publishes a reminder that workforce training failures remain among the top reasons healthcare organizations face enforcement actions. In 2023 alone, multiple settlements
In 2023, a dental practice in New England paid over $50,000 to settle an OCR investigation triggered by a single unencrypted email containing patient
Why Healthcare Organizations Are Combining OSHA and HIPAA Into One Training Strategy In 2023, OCR settled with a covered entity for $1.3 million after
A mid-sized dental practice in the Southeast received citations from both OSHA and OCR within the same calendar year — one for failing to maintain a
In 2023, a mid-sized dental practice in Ohio received citations from both OSHA and OCR within the same quarter — one for failing to maintain an
In 2023, a mid-sized dental practice in Texas was hit with two separate enforcement actions within the same quarter — one from OSHA for failing to
In 2023, a mid-sized dental practice in Ohio received citations from both OSHA and OCR within the same six-month period. The OSHA citation targeted inadequate
In February 2024, OCR settled with a Louisiana medical group for $480,000 after determining that the organization had failed to provide patients timely access
In 2016, OCR settled with a business associate for $650,000 after a subcontractor experienced a breach affecting over 11,000 patients — and no business
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.