OCR Settles New England Dermatology HIPAA Violations for $300,640

Springfield, Massachusetts, is home to the Naismith Memorial Basketball Hall of Fame  - a mere 90-minute ride to Boston. Springfield is also, less famously, the headquarters of New England Dermatology, P.C., d/b/a New England Dermatology and Laser Center (“NEDLC”). This HIPAA covered entity provides treatment for skin, hair, and nail diseases, including acne, eczema, psoriasis, and rashes. In late August of 2022, [...]

2022-08-24T10:15:41-04:00August 24th, 2022|

Did COVID Lead to a Lower HIPAA Fine?

On Friday afternoon, July 15, 2022, the Department of Health and Human Services Office for Civil Rights announced 11 enforcement actions against healthcare providers across the country for alleged violations of the HIPAA Privacy Rule right of access provisions. Buried within the various resolutions and corrective action plans were notices of proposed determination and final determination for ACPM Podiatry Group Ltd. and [...]

2022-08-19T13:49:26-04:00August 19th, 2022|

11 HIPAA Right of Access Violations Brings $646,000 in Fines

Demonstrating their continued focus on right of access violations, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced 11 settlements and one HIPAA fine for medical practices across a wide variety of specialties. An examination of the specifics of each incident cites several reasons by the covered entities for not providing the requested records, including: Complete failure to [...]

2022-07-18T15:05:19-04:00July 18th, 2022|

Oklahoma State University Agrees to $875k HIPAA Breach Fine

A 2016 hacking incident that hit Oklahoma State University's Center for Health Sciences has led to an $875,000 HIPAA breach fine settlement to address potential violations. Background of Oklahoma State University HIPAA Breach Hackers first gained access to a web server containing the electronic protected health information (ePHI) of as many as 279,865 individuals on March 9, 2016. The information accessed included [...]

2022-07-15T13:25:18-04:00July 15th, 2022|

The Costs and Consequences of EHR Snooping

It’s a HIPAA violation that occurs every day but seldom makes the headlines. It has the potential to destroy an organization’s reputation, but it comes from within. Medical record snooping by employees may seem like a victimless offense, but the costs and consequences of EHR snooping are real. What the Law Says About EHR Snooping HIPAA regulations are unambiguous when it comes [...]

2022-07-15T13:25:18-04:00July 13th, 2022|

Meta Pixel Lawsuit Claims Violation of Data Privacy Rights Laws

Facebook describes its Meta Pixel feature as a snippet of JavaScript code that users can put on their website. Once Pixel is installed, it tracks what forms website visitors click on, and what options users select from dropdown menus. Recently, The Markup/STAT released a report summarizing a test it ran on the 100 top hospitals in the United States. The study found [...]

2022-07-08T15:43:02-04:00July 8th, 2022|

Iowa Man Faces Jail Time for HIPAA Violation

Can HIPAA violations result in jail time? While jail time for HIPAA violations is rare, it does occur.  An Iowa man who pleaded guilty to a pair of counts related to HIPAA violations will spend the next 27 months in federal prison following his sentencing in Des Moines. Dustin James Ortiz, 49, pleaded guilty to conspiracy to wrongfully obtain and disclose individually [...]

2022-07-01T15:18:42-04:00July 1st, 2022|

Report: Facebook Tracker Collecting Hospital Patient PHI

Use of Tracker by Hospitals Likely Violates HIPAA An investigation by The Markup and Stat has uncovered a tracking tool used by 33 of the country’s top 100 hospitals that collects patients’ protected health information (PHI) and sends it to Facebook—including details about medical conditions, prescriptions, and physician appointments. Experts contacted in the article, including a former head [...]

2022-06-17T14:47:46-04:00June 17th, 2022|

What Happens After a HIPAA Complaint is Filed?

Even when you do the best you can to comply with HIPAA regulations, violations and breaches may occur. Clients or patients may report what they think are violations, even when they’re not. What happens after a HIPAA complaint is filed? What rights do you have as a covered entity or business associate? And what is the worst-case scenario? Common Violation Examples – [...]

2022-05-06T17:03:27-04:00April 25th, 2022|