A collection of 119 posts
In February 2024, OCR settled with a healthcare provider for $480,000 after an investigation revealed systemic failures to comply with the HIPAA Privacy Rule
In 2023, OCR settled with a dental practice for $350,000 after an employee disclosed a patient's protected health information on social media.
In February 2024, OCR announced a $4.75 million settlement with a healthcare system that failed to implement even basic safeguards for protected health information.
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed that records containing protected health information were stored
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed that protected health information stored on a network
In June 2023, OCR settled with a dental practice for $350,000 after an investigation revealed unencrypted patient records stored on a network server with
In February 2024, OCR announced a $4.75 million settlement with a hospital system that had failed to conduct an enterprise-wide risk analysis for over
In 2023, OCR settled with a Louisiana medical group for $480,000 after a HIPAA security incident involving a stolen unencrypted laptop — an incident the
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found the organization had no process for identifying or responding to
In December 2022, OCR settled with a dental practice for $23,000 after an employee responded to a negative online review by disclosing a patient&
The Downstream Liability Most Business Associates Overlook In 2023, OCR settled with a medical transcription company for over $100,000 after a breach traced not
In January 2025, HHS confirmed that the temporary telehealth enforcement discretion introduced during the COVID-19 public health emergency has ended. That means every healthcare organization
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.