A collection of 210 posts
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of over
In 2019, OCR settled with a dental practice in Texas for $10,000 after an investigation revealed the office had no written HIPAA policies, no
In February 2024, OCR settled with a New England health system for $1.3 million after investigators found that staff had been accessing patient records
In February 2024, OCR settled with a healthcare provider for $480,000 after an investigation revealed that their online patient portal lacked basic encryption safeguards
In February 2024, OCR announced a $4.75 million settlement with a major healthcare system that failed to provide patients timely access to their medical
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed the organization had failed to properly safeguard patient
In February 2024, a small dental practice in New England agreed to a $50,000 settlement with the Office for Civil Rights after a former
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a hospital employee sold protected health information (PHI) of over
In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had no clear understanding of what data it
When Maryland enacted its strict genetic information privacy law and California expanded patient access rights beyond what federal rules require, many healthcare organizations asked the
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed the organization had disclosed protected health information to
In 2019, OCR launched its HIPAA Right of Access Initiative — and since then, it has settled more than 45 enforcement actions specifically targeting organizations that
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.