HIPAA Violations, PHI, Enforcement Actions

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on 11/11/2024

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

HIPAA Violations: What Providers Should Learn From the Failures of Others

Lathrop GPM on 3/4/2024

The federal agency responsible for enforcing the Health Insurance Portability and Accountability Act of 1996 (HIPAA) – the Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services – recently submitted...more

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

Health Care Compliance Association (HCCA) on 1/17/2024

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data

Robinson+Cole Data Privacy + Security Insider on 5/19/2023

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more

Report on Patient Privacy Volume 22, Number 11. MD Anderson Won Against OCR, But Agency’s Response—Including on Fines—Keeps...

Health Care Compliance Association (HCCA) on 11/14/2022

Report on Patient Privacy Volume 22, Number 11. (November 2022) Nearly five years passed from the time the University of Texas MD Anderson Cancer Center reported to the HHS Office for Civil Rights (OCR) that three...more

OCR Announces Trio of Access Cases; Already Stung, One Dental Chain Eliminates All Fees

Health Care Compliance Association (HCCA) on 10/10/2022

Report on Patient Privacy 22, no. 10 (October, 2022) - How about free? Patients daily face the machinations of getting records from their providers, and health care practices, hospitals and even dentists struggle with...more

Dermatology Practice Settles Alleged HIPAA Violations

Rivkin Radler LLP on 9/6/2022

On August 23, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that Massachusetts-based New England Dermatology, P.C., d/b/a New England Dermatology and Laser Center (NEDLC), agreed to...more

OCR Settles Improper Disposal Case for $300,640

Robinson+Cole Data Privacy + Security Insider on 8/26/2022

On August 23, 2022, the Office for Civil Rights (OCR) issued a press release announcing that it had settled with New England Dermatology, P.C. (NED) for $300,640 “over the improper disposal of protected health information.” ...more

OCR: Current Fines Too Low to Spur Compliance; Agency Also Seeks Funding Boost, Injunctive Relief

Health Care Compliance Association (HCCA) on 5/6/2022

Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more

OCR Targets Three Dentists in New Enforcement Actions; Nixes Political Use of PHI, Review Backlash

Health Care Compliance Association (HCCA) on 4/8/2022

Report on Patient Privacy 22, no. 4 (April, 2022) - By many measures, David Northcutt’s unsuccessful 2018 bid for the Alabama senate was a costly one. Northcutt, a dentist, loaned his campaign $73,000 throughout the...more

HIPAA Violations › Protected Health Information › Enforcement Actions

"My best business intelligence, in one easy email…"