Sharp HealthCare Pays $70,000 to Settle Potential Right of Access Violation

In February of 2021, Sharp HealthCare, doing business as Sharp-Rees Stealy Medical Centers (SRMC), paid $70,000 to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) to settle a potential violation of the HIPAA Privacy Rule right of access standard. The Sharp settlement has become OCR’s sixteenth settlement under OCR’s right of access initiative. Under this initiative that began in 2019, OCR continues to [...]

2022-05-06T14:44:07-04:00February 12th, 2021|

Renown Health Fined $75,000 Under HIPAA Right of Access Initiative

Not-for-profit Nevada health system Renown Health, P.C., has agreed to pay $75,000 to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) to settle a potential violation of the HIPAA Privacy Rule right of access provision. The settlement is a product of HHS’ Right of Access Initiative. Under this initiative, OCR established cracking down on providers who fail to grant timely patient access to [...]

2022-05-06T14:44:07-04:00February 10th, 2021|

OCR 2020 and HIPAA Security Rule Violations

In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. Six of the fines announced in 2020 were principally issued for failure to comply with the HIPAA Security Rule’s requirement to conduct a security risk assessment and to track and inventory network devices. The message of OCR 2020: Keep patient records [...]

2022-05-06T14:44:10-04:00January 19th, 2021|

First OCR Settlement Agreement of 2021 Announced

It’s not surprising that OCR kicked off 2021 by announcing yet another right of access fine. The fourteenth fine issued under OCR’s right of access initiative was a $200,000 fine issued to Banner Health ACE. The OCR settlement agreement is discussed in detail below. Banner Health ACE OCR Settlement Agreement Banner Health affiliated covered entities (Banner Health ACE), a non-profit health system with 30 hospitals, and primary [...]

2022-05-06T14:44:11-04:00January 13th, 2021|

October HIPAA Fines Reach $1.7 Million

With just three organizations fined by the HHS’ Office for Civil Rights (OCR) in October, the month’s HIPAA fines reached $1.7 million. More details on October HIPAA fines are discussed. October HIPAA Fines: Aetna Life Insurance Company Fined $1 Million Oct 28, 2020 - Aetna Life Insurance Company enters into a settlement with the HHS regarding three separate breaches over a six month period, affecting 18,602 patients. [...]

2022-02-16T10:44:33-05:00November 12th, 2020|

Another HIPAA Right of Access Settlement Announced 

HIPAA right of access fines seem to be growing on trees these days. The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has announced its tenth HIPAA right of access settlement this year. More details are discussed below. Riverside Psychiatric Medical Group HIPAA Right of Access Settlement Riverside Psychiatric Medical Group (RPMG) has agreed to pay the HHS’ [...]

2022-02-16T10:44:34-05:00November 9th, 2020|

3 Breaches, 6 Months & A $1 Million Fine: Aetna Reaches OCR Settlement for HIPAA Violations

The Office for Civil Rights (OCR) of the Department of Health and Human Services (HHS) has reached a $1,000,000 settlement with health insurer Aetna. Aetna agreed to pay this fine and to adopt a two-year corrective action plan (CAP), as a result of its having committed three HIPAA violations in a six-month period. This settlement is the 14th that OCR has entered into in 2020. More settlements have [...]

2020-11-16T09:02:32-05:00October 29th, 2020|

What are the Results of OCR’s HIPAA Enforcement Efforts?  

OCR has conducted HIPAA enforcement by investigating and resolving over 27,109 cases by requiring changes in privacy practices and corrective actions by, or providing technical assistance to, HIPAA covered entities and their business associates.  Corrective actions obtained by OCR from these entities have resulted in change that is systemic and that affects all the individuals they serve.  OCR has successfully conducted HIPAA enforcement under the HIPAA Rules by applying [...]

2020-11-16T17:02:00-05:00February 10th, 2020|

HIPAA Enforcement

There are significant consequences for breaking the HIPAA laws. The HIPAA Rule is enforced through several methods.  The most common method of HIPAA enforcement is actions of the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR). State attorneys general may also conduct HIPAA enforcement. How Does HIPAA Enforcement Work? HIPAA enforcement takes place on both the federal government and [...]

2021-07-30T16:23:15-04:00December 17th, 2019|

$2.175 Million HIPAA Fine Issued for Improper Breach Notification

In its’ most recent HIPAA settlement, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) issued a $2.175 million HIPAA fine to Sentara Hospitals. The HIPAA settlement stemmed from a breach in April 2017 that affected 577 patients. In addition to the fine, Sentara Hospitals has agreed to adhere to corrective action plans, to be submitted to HHS for approval. Would [...]

2022-05-06T12:13:33-04:00December 2nd, 2019|