Forging a Secure Healthcare Future: HHS OCR Achieves Resolution with L.A. Care Health Plan in HIPAA Security Rule Case

In a groundbreaking move, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has reached a settlement with L.A. Care, the nation’s foremost publicly operated health plan, renowned for its exceptional healthcare benefits and coverage through state, federal, and commercial programs. This agreement stems from two OCR investigations triggered by a significant breach report and an eye-opening media [...]

2023-09-12T13:35:11-04:00September 11th, 2023|

Unlocking the Vault: UnitedHealthcare’s $80,000 HIPAA Resolution Unveils Secrets of Patient Medical Records

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) just made a big announcement. They've reached a settlement with UnitedHealthcare Insurance Company ("UHIC"), one of the largest health insurers in the country, regarding a potential violation of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule's right of access provision.  This means patients should [...]

2023-08-30T15:19:19-04:00August 24th, 2023|

Securing Patient Privacy: iHealth Solutions Resolves HIPAA Probe, Pays $75,000 Settlement to HHS Office for Civil Rights

In a shocking turn of events, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has made an announcement that will send shockwaves through the healthcare industry. iHealth Solutions, LLC, also known as Advantum Health, a Kentucky-based business associate providing coding, billing, and onsite IT services to healthcare providers, has settled potential violations of the HIPAA Security Rule with OCR. [...]

2023-07-24T14:04:38-04:00June 28th, 2023|

HIPAA Privacy Rule: The Consequences Behind the Violations

The HIPAA Privacy Rule, established under the Health Insurance Portability and Accountability Act (HIPAA), was designed to protect sensitive patient information from unauthorized access. It requires healthcare providers, health plans, and other covered entities to safeguard patients protected health information (PHI). Despite these strict measures, countless instances of HIPAA Privacy Rule violations occur each year, leading to severe consequences for the parties [...]

2023-07-24T14:18:28-04:00June 21st, 2023|

Employee Snooping Leads to $240,000 HIPAA Fine

On June 15, 2023, the Department of Health and Human Services Office for Civil Rights (OCR) announced a HIPAA settlement with Yakima Valley Memorial Hospital. The Hospital came under fire when it was discovered that several security guards were improperly accessing patient medical files. The Details OCR initiated its investigation into Yakima in May 2018 after receiving a breach notification report that [...]

2023-07-24T14:24:08-04:00June 15th, 2023|

OCR Settles HIPAA Investigation with Business Associate

Due to a July 2018 incident, the Office for Civil Rights (OCR) investigated MedEvolve to determine if the business associate was HIPAA compliant. The result? A $350,000 HIPAA fine for potentially violating several provisions of the HIPAA Privacy and Security Rules. *Correction: An earlier version of this article incorrectly stated that the MedEvolve incident was the result of hacking. The breach was [...]

2023-07-24T15:36:20-04:00May 16th, 2023|

Is a HIPAA Violation a Felony?

There are strict guidelines that healthcare providers must follow in order to ensure privacy and security of protected health information (PHI). When HIPAA violations occur, punishments and criminal penalties can be imposed on those who have the law. The U.S Department of Health and Human Services (HHS) Office for Civil Rights is responsible for enforcing HIPAA under the: Privacy Rule Security Rule [...]

2023-07-24T15:48:45-04:00May 10th, 2023|

No Practice is Too Small to Face a HIPAA Fine

Once again, the Department of Health and Human Services proves that just because you’re a small practice, doesn’t mean you won’t get fined. The latest fine under the HIPAA Right of Access Initiative was issued to a sole practitioner mental health service provider. In December 2017, a personal representative (father) filed a complaint against David Mente, MA, LPC, after Mente failed to [...]

2023-07-24T16:03:11-04:00May 8th, 2023|

Alcohol Treatment Businesses Disclosed Patient Data to Marketers

Monument and Tempest, both offering tools for patients battling with alcohol addiction, have come under fire for exposing patient information. The companies attribute the intrusion to the pixel-tracking software they installed on their websites for marketing purposes. According to an earlier TechCrunch investigation, the online alcohol rehabilitation services acknowledged exchanging confidential patient information with marketers for years. According to a disclosure Monument [...]

2023-07-24T16:10:31-04:00May 3rd, 2023|

HIPAA Sanctions Policy: Ensuring Employees Comply with HIPAA

Healthcare organizations are legally required to comply with HIPAA regulations to make sure patient privacy and security are protected. HIPAA violations can result in severe penalties including hefty fines and legal action against the organization. This is why it is absolutely vital to establish an effective HIPAA sanctions policy in your workplace. A HIPAA sanctions policy serves as a tool to educate employees about these specific [...]

2023-07-24T16:17:08-04:00April 28th, 2023|