A collection of 212 posts
In 2022, a behavioral health provider in New England paid a six-figure settlement to OCR after a workforce member disclosed a patient's substance
A vendor tells your compliance officer their software is "HIPAA approved." A business associate sends over a marketing sheet stamped with a green
In 2024, OCR settled with a business associate — a medical transcription company — for $1.2 million after a breach investigation revealed that not a single
In February 2024, OCR settled with a Louisiana medical group for $480,000 after investigators found the organization had failed to implement even the most
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of over
In February 2024, OCR settled with a New England dermatology practice for $300,000 after determining the organization had disclosed protected health information to a
In 2023, OCR settled with a Florida-based healthcare provider for $25,000 after investigators discovered that multiple workforce members had never completed basic privacy and
In 2023, a dental practice in the Southeast received an OCR investigation after a patient complained that their protected health information was shared with a
In December 2022, OCR issued a bulletin that sent shockwaves through the healthcare industry. The agency confirmed that common website tracking technologies — pixels, session replay
In 2023, a mid-sized cardiology practice in Texas received an OCR investigation request following a patient complaint. The issue wasn't a data breach
In 2023, a small cardiology practice in New England agreed to a $130,000 settlement with the Office for Civil Rights after a physician discussed
In 2022, a small dental practice in North Carolina paid $50,000 to settle potential HIPAA violations after OCR found the office had no risk
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.