Protected Health Information

Telehealth Compliance

Telehealth Compliance: What HIPAA Requires in 2025

When HHS announced in late 2024 that the COVID-era telehealth enforcement discretion would not be extended indefinitely, many healthcare organizations realized they had been operating

Oct 11, 2023

Telehealth HIPAA

Telehealth HIPAA Rules Your Organization Must Follow

When OCR announced in May 2023 that the COVID-era telehealth HIPAA enforcement discretion was ending, thousands of healthcare organizations realized they had been operating on

Oct 11, 2023

HIPAA Texting

Texting Patient Information Is Allowed When These Rules Apply

In 2023, a small dental practice in Texas received a $50,000 settlement with OCR after a staff member routinely texted patient appointment details, diagnoses,

Sep 24, 2023

HIPAA Compliance

The Act That Prohibits the Practice of Kickbacks Is

In 2023, the Department of Justice recovered over $2.68 billion in settlements and judgments related to healthcare fraud — and a significant portion of those

Sep 24, 2023

Notice of Privacy Practices

The Blank Describes How PHI May Be Used Under HIPAA

If you've encountered the question "the blank describes how PHI may be used" in a HIPAA training module or certification exam,

Sep 24, 2023

OCR Enforcement

The HHS Office for Civil Rights Is Charged with Protecting PHI

In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of 12,

Sep 24, 2023

HITECH Act

The HITECH Act Introduced Penalties for HIPAA Violations Based On Tiered Culpability

In 2018, the University of Texas MD Anderson Cancer Center lost a $4.3 million appeal after OCR determined that three data breaches involving unencrypted

Sep 24, 2023

HIPAA Compliance

The Importance of HIPAA: What Every Healthcare Org Must Know

In February 2023, OCR settled with Banner Health for $1.25 million after a breach affecting nearly 3 million individuals exposed massive gaps in risk

Sep 24, 2023

Minimum Necessary Standard

The Minimum Necessary Standard Means To Limit PHI Access

In 2023, OCR settled with a covered entity for over $100,000 after an investigation revealed that employees were routinely accessing patient records unrelated to

Sep 24, 2023

HIPAA Privacy Rule

The Privacy Rule HIPAA: What Your Organization Must Do

In February 2024, OCR settled with a New England dermatology practice for $300,640 after investigators found the organization had no policies implementing basic Privacy

Aug 30, 2023

PHI

Under HIPAA Law What Is the Best Description of PHI

In 2023, OCR settled with a dental practice for $350,000 after an investigation revealed the organization had disclosed patient records without authorization — in part

Jul 1, 2023

Minimum Necessary Rule

Under HIPAA What Is the Minimum Necessary Rule?

In 2023, OCR settled with a covered entity for over $1.2 million after an investigation revealed that workforce members routinely accessed full patient records

Jul 1, 2023

Ready to Simplify HIPAA Compliance?