HIPAA Safeguards: The Three Categories You Must Address
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to implement even basic security measures after a
HIPAA Security Rule risk analysis requirements, methodologies, and compliance strategies
In February 2024, OCR announced a $480,000 settlement with a New England dermatology practice that failed to implement even basic security measures after a
In 2023, OSHA issued over $4.3 million in penalties to healthcare facilities for violations ranging from bloodborne pathogen exposure to inadequate hazard communication. What
In February 2024, OCR announced a $4.75 million settlement with Montefiore Medical Center after a former employee stole the protected health information of over
In February 2024, OCR settled with a healthcare system for $4.75 million after a phishing attack compromised the protected health information of over 100,
In 2023, OCR settled with a dental practice in Massachusetts for $350,000 after an investigation revealed not only HIPAA Security Rule failures but overlapping
In 2023, a mid-sized dental practice in Ohio received citations from both OSHA and OCR within the same quarter — one for failing to maintain an
In 2023, a mid-sized dental practice in Ohio received citations from both OSHA and OCR within the same six-month period. The OSHA citation targeted inadequate
In December 2023, HHS published a Notice of Proposed Rulemaking (NPRM) that would represent the most significant overhaul of the HIPAA Security Rule since its
When OCR settled with Banner Health for $1.25 million in 2023, the core finding was painfully familiar: the organization had failed to conduct an
In 2023, OCR settled with a healthcare provider for $1.3 million after an investigation revealed the organization had no encryption on portable devices, no
In 2023, OCR settled with a covered entity for $1.25 million — not because of a sophisticated cyberattack, but because the organization lacked a written,
In February 2024, OCR settled with a healthcare system for $4.75 million after investigators found the organization had failed to implement even basic security
Join healthcare organizations that trust HIPAA Certify for their workforce training and compliance tracking.