HIPAA Privacy Rule requirements and guidance
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed that records containing protected health information were stored
In 2023, a mid-sized clinic in the Southeast received a records request from OCR during a compliance review — and couldn't produce its risk
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed that protected health information stored on a network
In 2023, OCR investigated a mid-sized specialty clinic that had been using the same patient authorization form since 2009. The form lacked three of the
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed the organization had disclosed protected health information to
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of over
In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had no documentation of its risk analysis, policies,
When OCR investigates a covered entity and discovers years of noncompliance, one of the most common — and least persuasive — defenses is confusion about when HIPAA
In early 2023, a dental practice in Texas received an OCR complaint after a staff member texted appointment reminders containing diagnosis codes to patients who
In 2023, a small dental practice in Texas received a $50,000 penalty from the Office for Civil Rights after a workforce member disclosed protected
In 2023, OCR settled with a Florida-based health system for $1.2 million after an investigation revealed — among other deficiencies — that the organization had no
In March 2024, a small dental practice in Florida agreed to a $50,000 settlement with OCR after an investigation revealed that none of its
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.