HIPAA Privacy Violation
HIPAA Privacy Violation: What Triggers OCR Enforcement
In February 2024, a small dental practice in New England agreed to a $50,000 settlement with the Office for Civil Rights after a former
Tag
Protected Health Information
A collection of 228 posts
HIPAA Privacy Violations
HIPAA Privacy Violations: How They Happen and How to Prevent Them
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a hospital employee sold protected health information (PHI) of over
HIPAA Basics
HIPAA Protects a Category of Information Known as PHI
In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had no clear understanding of what data it
HIPAA Patient Rights
HIPAA Regulations Establish a Floor of Patient Rights
When Maryland enacted its strict genetic information privacy law and California expanded patient access rights beyond what federal rules require, many healthcare organizations asked the
HIPAA Release of Information
HIPAA Release of Information Requirements Explained
In 2023, OCR settled with a New England dermatology practice for $300,640 after an investigation revealed the organization had disclosed protected health information to
HIPAA Rights
HIPAA Rights Violation: What OCR Enforces and How to Comply
In 2019, OCR launched its HIPAA Right of Access Initiative — and since then, it has settled more than 45 enforcement actions specifically targeting organizations that
HIPAA Risk Assessment
HIPAA Risk Assessment Requirement: What OCR Expects
In February 2023, OCR settled with a health system for $1.25 million after investigators found a fundamental gap: the organization had never conducted a
HIPAA Rules and Compliance
HIPAA Rules and Compliance: What Enforcement Data Reveals
In January 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to conduct an enterprise-wide risk
HIPAA Privacy Rule
HIPAA Rules Are Divided Into 2 Sections: Privacy and Security
When OCR settled with Premera Blue Cross for $6.85 million in 2020, the enforcement action didn't hinge on a single failure. Investigators
HIPAA Social Media Rules
HIPAA Social Media Rules: What Your Workforce Must Know
In 2022, a Texas dental practice paid a $10,000 settlement after a staff member responded to a negative online review by disclosing the patient&
HIPAA Telehealth Requirements
HIPAA Telehealth Requirements Your Organization Must Meet
When OCR announced in late 2024 that the pandemic-era telehealth enforcement discretion would not be extended indefinitely, hundreds of healthcare organizations suddenly realized they had
HIPAA Teletherapy
HIPAA Teletherapy Compliance Guidelines for 2025
When OCR settled with a behavioral health provider in 2023 for $125,000 after a therapist conducted sessions over a consumer-grade video platform without a