HIPAA Associates: What Covered Entities Must Require
In February 2024, OCR announced a $4.75 million settlement with a health system that failed to manage its business associate relationships — a pattern enforcement
HIPAA Security Rule risk analysis requirements, methodologies, and compliance strategies
In February 2024, OCR announced a $4.75 million settlement with a health system that failed to manage its business associate relationships — a pattern enforcement
In February 2024, OCR announced a $4.75 million settlement with a healthcare system that failed to conduct an enterprise-wide risk analysis — a fundamental gap
In 2023, OCR settled with a healthcare system for $1.3 million after an investigation revealed that IT staff had failed to implement basic Security
In 2023, OCR settled with a telehealth platform for $1.25 million after an investigation revealed the company's software transmitted protected health information
In 2023, OCR settled with a solo dental practice in Indiana for $50,000 after a patient complaint revealed the office had no written policies,
In 2023, OCR settled with a healthcare system for $1.3 million after investigators found the organization had never performed penetration testing or vulnerability scanning
In 2022, OCR settled with a health plan for $1.25 million after an investigation revealed that the organization had migrated protected health information to
In 2023, OCR settled with a healthcare system for $1.25 million after investigators discovered that an IT department had failed to implement adequate access
When the Cottage Health System paid $3 million to settle HIPAA violations in 2019, their breach affected over 62,000 patients — and a key finding
In February 2023, Banner Health agreed to a $1.25 million settlement with the Office for Civil Rights after a 2016 breach exposed the protected
When OCR investigators arrive at a covered entity's door — whether triggered by a patient complaint or a reported breach — the first thing they
When OCR investigated Anthem Inc. and imposed a record $16 million settlement in 2018, the enforcement action didn't just cite a data breach.
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.