HIPAA Fines Directory by Year2018-07-31T11:09:51+00:00

HIPAA Fines Listed by Year

2018 HIPAA Fines

DateOrganizationFine TotalLink to OCR Settlement
February 1, 2018Fresenius Medical Care North America (FMCNA)$3,500,000Five breaches add up to millions in settlement costs for entity that failed to heed HIPAA’s risk analysis and risk management rules
February 13, 2018 Filefax, Inc. $100,000 Consequences for HIPAA violations don’t stop when a business closes
June 18, 2018The University of Texas MD Anderson Cancer Center $4,348,000 Judge rules in favor of OCR and requires a Texas cancer center to pay $4.3 million in penalties for HIPAA violations
 2018 TOTAL:$7,948,000

2017 HIPAA Fines

DateOrganizationFine TotalLink to OCR Settlement
January 9, 2017Presence Health$475,000First HIPAA enforcement action for lack of timely breach notification settles for $475,000
January 18, 2017MAPFRE$2,200,000HIPAA settlement demonstrates importance of implementing safeguards for ePHI
February 1, 2017Children’s Medical Center of Dallas$3,200,000Lack of timely action risks security and costs money
February 16, 2017Memorial Healthcare Systems$5,500,000$5.5 million HIPAA settlement shines light on the importance of audit controls
April 12, 2017Metro Community Provider Network (MCPN)$400,000Overlooking risks leads to breach, $400,000 settlement
April 20, 2017The Center for Children’s Digestive Health (CCDH)$31,000No Business Associate Agreement?  $31K Mistake
April 24, 2017CardioNet$2,500,000$2.5 million settlement shows that not understanding HIPAA requirements creates risk
May 10, 2017Memorial Hermann Health System (MHHS)$2,400,000Texas health system settles potential HIPAA violations for disclosing patient information
 May 23, 2017 St. Luke’s Roosevelt Hospital System Inc. $387,200Careless handling of HIV information jeopardizes patient’s privacy, costs entity $387k
 December 18, 2017 21st Century Oncology $2,300,000$2.3 Millon Levied for Multiple HIPAA Violations at NY-Based Provider
 2017 TOTAL:$19,393,200

2016 HIPAA Fines

DateOrganizationFine TotalLink to OCR Settlement
February 3, 2016Lincare, Inc.$239,800Administrative Law Judge rules in favor of OCR enforcement, requiring Lincare, Inc. to pay $239,800
February 16, 2016Physical Therapy$25,000Physical therapy provider settles violations that it impermissibly disclosed patient information
March 16, 2016North Memorial$1,550,000$1.55 million settlement underscores the importance of executing HIPAA business associate agreements
March 17, 2016Feinstein Research$3,900,000Improper disclosure of research participants’ protected health information results in $3.9 million HIPAA settlement
 April 20, 2016Raleigh Orthopaedic$750,000$750,000 settlement highlights the need for HIPAA business associate agreements
April 21, 2016New York Presbyterian$2,200,000Unauthorized Filming for “NY Med” Results in $2.2 Million Settlement with New York Presbyterian Hospital
June 29, 2016Catholic Health Services of Philadelphia$650,000Business Associate’s Failure to Safeguard Nursing Home Residents’ PHI Leads to $650,000 HIPAA Settlement
July 18, 2016Oregon Health & Science University$2,700,000Widespread HIPAA vulnerabilities result in $2.7 million settlement with Oregon Health & Science University
July 21, 2016Univeristy of Mississippi Medical Center$2,750,000Multiple alleged HIPAA violations result in $2.75 million settlement with the University of Mississippi Medical Center (UMMC)
August 4, 2016Advocate Health$5,550,000Advocate Health Care Settles Potential HIPAA Penalties for $5.55 Million
September 23, 2016Care New England Health System$400,000HIPAA settlement illustrates the importance of reviewing and updating, as necessary, business associate agreements
October 17, 2016St. Joseph’s$2,140,000$2.14 million HIPAA settlement underscores importance of managing security risk
November 22, 2016UMass$650,000UMass settles potential HIPAA violations following malware infection
2016 TOTAL:$23,504,800 

2015 HIPAA Fines

DateOrganizationFine TotalLink to OCR Settlement
April 22, 2015Cornell Prescription Pharmacy$125,000HIPAA Settlement Highlights the Continuing Importance of Secure Disposal of Paper Medical Records
June 10, 2015St. Elizabeth’s Medical Center$218,000HIPAA Settlement Highlights Importance of Safeguards When Using Internet Applications
August 31, 2015Cancer Care Group, P.C.$750,000750,000 HIPAA Settlement Emphasizes the Importance of Risk Analysis and Device and Media Control Policies
November 24, 2015Lahey Hospital and Medical Center$850,000HIPAA Settlement Reinforces Lessons for Users of Medical Devices
November 30, 2015Triple-S Management$3,500,000Triple-S Management Corporation Settles HHS Charges by Agreeing to $3.5 Million HIPAA Settlement
December 14, 2015University of Washington Medicine$750,000$750,000 HIPAA Settlement Underscores the Need for Organization Wide Risk Analysis
2015 TOTAL:$6,193,000

Avoid HIPAA Fines and Get Compliant Today

Get Started!