HIPAA Violations, Department of Health and Human Services (HHS), Corrective Action Plans (CAPs)

HIPAA Security Rule Settlement Results in $950,000 Payment by a Mid-Atlantic Health System

Saul Ewing LLP on 7/17/2024

On July 1, 2024, the U.S. Department of Health and Human Services (“HHS”) Office For Civil Rights (“OCR”) announced a $950,000 settlement with Heritage Valley Health System (“Heritage Valley”) and a three-year Corrective...more

OCR Settles Alleged HIPAA Violations for $950,000 Following 2017 Ransomware Attack

King & Spalding on 7/12/2024

On July 1, 2024, the HHS Office of Civil Rights (OCR) announced that Pennsylvania-based healthcare system, Heritage Valley Health System (Heritage Valley), has agreed to pay $950,000 to settle potential violations of the...more

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

Health Care Compliance Association (HCCA) on 1/17/2024

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Dramatic Portrayal of Care During Early COVID-19 Costs Hospital $80K; OCR: No Prior Authorization

Health Care Compliance Association (HCCA) on 12/8/2023

Report on Patient Privacy 23, no. 12 (December, 2023) Spring 2020 was a terrifying period in the annals of COVID-19, and New York was at the epicenter. COVID-19 cases, and deaths, already the highest in the nation, were...more

OCR Settlement of HIPAA Violation of Business Associate

Ankura on 9/14/2023

On May 16, 2023, the U.S. Department of Health and Human Services (DHHS) through the Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act...more

OCR Announces Trio of Access Cases; Already Stung, One Dental Chain Eliminates All Fees

Health Care Compliance Association (HCCA) on 10/10/2022

Report on Patient Privacy 22, no. 10 (October, 2022) - How about free? Patients daily face the machinations of getting records from their providers, and health care practices, hospitals and even dentists struggle with...more

2016 Breach Costs OK State Medical Center $875K; System Initially Missed Vulnerability

Health Care Compliance Association (HCCA) on 8/16/2022

Report on Patient Privacy 22, no. 8 (August, 2022) - Oklahoma State University Center for Health Sciences’ (OSUCHS) breach might not have seemed all that serious at the time: No data is believed to have been misused,...more

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on 5/6/2022

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

Lifespan Settles with OCR For HIPAA Violations

King & Spalding on 8/18/2020

On July 27, 2020, HHS issued a press release indicating that Lifespan Health System Affiliated Covered Entity (Lifespan), a non-profit health system in Rhode Island, reached a settlement with the Office for Civil Rights...more

HIPAA Violations › Department of Health and Human Services (HHS) › Corrective Action Plans (CAPs)

"My best business intelligence, in one easy email…"