A collection of 210 posts
In February 2023, OCR settled with a health system for $1.25 million after investigators found a fundamental gap: the organization had never conducted a
In January 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to conduct an enterprise-wide risk
When OCR settled with Premera Blue Cross for $6.85 million in 2020, the enforcement action didn't hinge on a single failure. Investigators
In 2022, a Texas dental practice paid a $10,000 settlement after a staff member responded to a negative online review by disclosing the patient&
When OCR announced in late 2024 that the pandemic-era telehealth enforcement discretion would not be extended indefinitely, hundreds of healthcare organizations suddenly realized they had
When OCR settled with a behavioral health provider in 2023 for $125,000 after a therapist conducted sessions over a consumer-grade video platform without a
In 2023, a Florida-based healthcare provider paid $1.3 million to settle an OCR investigation that traced back to a single problem: untrained front-desk staff
In March 2024, a small dental practice in Florida agreed to a $50,000 settlement with OCR after an investigation revealed that none of its
OCR's $4.75 Million Settlement Exposed a Training Failure In 2022, OCR settled with a major health system for $4.75 million after
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee sold protected health information of over 12,
In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million patients. The root cause wasn'
In 2023, OCR settled with a dental practice for $350,000 after investigators found the organization had been disclosing patient records to a third-party marketing
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.