A collection of 119 posts
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed failures across multiple HIPAA
In 2022, CMS reported over $12.59 billion in payments from drug and device manufacturers to physicians and teaching hospitals through the Open Payments database
In February 2023, OCR settled with a dental practice in New England for $30,000 after investigators found the organization had no written HIPAA policies,
In February 2024, OCR settled with a Louisiana medical group for $480,000 after a phishing attack exposed the protected health information of over 34,
In 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed critical failures across multiple HIPAA
In 2023 alone, the HHS Office for Civil Rights (OCR) settled or imposed penalties in dozens of enforcement actions totaling tens of millions of dollars
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to conduct an enterprise-wide risk analysis — a core
In February 2023, the Office for Civil Rights (OCR) announced a $1.3 million settlement with a health plan that failed to provide timely access
In 2023, OCR settled with a health system for $1.3 million after investigators found the organization had failed to implement basic access controls on
When OCR levies a multimillion-dollar penalty against a covered entity for failing to conduct a risk analysis, the enforcement action traces its authority back to
In June 2023, OCR settled with a dental management company for $350,000 after discovering it had allowed a business associate to access protected health
In 2023, OCR settled with a regional hospital system that had failed to conduct a thorough risk analysis — and during the investigation, auditors discovered the
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.