HIPAA Compliance
HIPAA Compliance in Medical Office: A Practical Guide
In 2023, OCR settled with a solo dental practice in Indiana for $50,000 after a patient complaint revealed the office had no written policies,
Tag
Privacy Rule
HIPAA Privacy Rule requirements and guidance
HIPAA Compliance
HIPAA Compliance Privacy Rule: What Your Organization Gets Wrong
In February 2024, OCR settled with a New England dermatology practice for $300,000 after determining the organization had disclosed protected health information to a
HIPAA Compliance
HIPAA Compliance Release Form: What You Must Include
In 2023, OCR settled with a covered entity for $40,000 after an investigation revealed the organization had disclosed protected health information without a valid
HIPAA Consent Form
HIPAA Compliant Consent Form: What You Actually Need
In 2023, a dental practice in the Southeast received an OCR investigation after a patient complained that their protected health information was shared with a
HIPAA for Healthcare Professionals
HIPAA for Healthcare Professionals: What OCR Expects
In February 2024, OCR announced a $4.75 million settlement with a hospital system after a nurse accessed patient records without a treatment, payment, or
HIPAA Guide
HIPAA Guide: What Every Covered Entity Must Get Right
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a workforce member stole the protected health information of over
HIPAA Identifiers
HIPAA Identifier Rules: The 18 PHI Identifiers Explained
In 2023, a mid-sized health plan paid $1.3 million to settle with OCR after a breach investigation revealed that staff had been sharing spreadsheets
HIPAA Authorization
HIPAA Information Release Form: What You Must Include
In 2023, OCR investigated a mid-sized hospital system that disclosed five years of patient records to a life insurance company based on an authorization form
HIPAA Law
HIPAA Law: What Every Healthcare Organization Must Know
In February 2024, OCR settled with a healthcare provider for $480,000 after investigators found the organization had failed to conduct a risk analysis, neglected
HIPAA Laws
What HIPAA Laws Protect and How to Stay Compliant
In January 2024, OCR settled with a New England dermatology practice for $300,000 after a breach exposed the electronic protected health information of nearly
HIPAA Letter
HIPAA Letter Requirements Every Covered Entity Must Know
In February 2024, OCR settled with a New York medical practice for $100,000 after the organization failed to provide a timely written response to
HIPAA Paper Records
HIPAA Paper Records: Safeguards You Can't Ignore
In 2018, OCR settled with Filefax Inc. for $100,000 after the company left medical records — paper records containing protected health information — sitting in an