HIPAA Violations, Compliance, Health Care Providers

From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math

Health Care Compliance Association (HCCA) on 6/18/2025

A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more

Recognized Security Practices ‘Saved’ Covered Entity $60K of $300K Fine, But Which Ones Remain a Mystery

Health Care Compliance Association (HCCA) on 11/14/2024

Covered entities (CEs) and business associates (BAs) may receive a “discount” for having recognized security practices (RSPs) in place when the HHS Office for Civil Rights (OCR) calculates financial penalties for Security...more

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on 11/11/2024

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

HIPAA Security Rule Settlement Results in $950,000 Payment by a Mid-Atlantic Health System

Saul Ewing LLP on 7/17/2024

On July 1, 2024, the U.S. Department of Health and Human Services (“HHS”) Office For Civil Rights (“OCR”) announced a $950,000 settlement with Heritage Valley Health System (“Heritage Valley”) and a three-year Corrective...more

An inside view of HIPAA enforcement

Health Care Compliance Association (HCCA) on 6/4/2024

While many healthcare providers are generally aware of their obligations under HIPAA, most do not have a clear sense of what happens if they fail to meet these obligations. At best, most probably are familiar with headlines...more

Report on Medicare Compliance Volume 30, Number 2. News Briefs: January 2021 #2

Health Care Compliance Association (HCCA) on 1/22/2021

Report on Medicare Compliance 30, no. 2 (January 18, 2021) - Recovery audit contractors (RACs) may soon be auditing positron emission tomography (PET) for initial treatment strategy in oncologic conditions for compliance...more

For Many, 'There Is a Price': Multipronged Efforts Needed to Thwart HIPAA Violators

Health Care Compliance Association (HCCA) on 9/15/2020

Report on Patient Privacy 20, no. 9 (September 2020) - The fact that people are the weakest link in compliance is a truism in the privacy and security world. But just how weak is this link, and how likely is it that...more

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on 8/14/2020

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

OCR Warns HIPAA Covered Entities: When You Learn About HIPAA Violations, Fix Them

Jackson Lewis P.C. on 7/24/2020

Roger Severino, Director of the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), provides advice for HIPAA covered health care providers: "When informed of potential HIPAA...more

HIPAA Violations › Compliance › Health Care Providers

"My best business intelligence, in one easy email…"