On June 15, 2023, the Department of Health and Human Services Office for Civil Rights (OCR) announced a HIPAA settlement with Yakima Valley Memorial Hospital. The Hospital came under fire when it was discovered that several security guards were improperly accessing patient medical files. The Details OCR initiated its investigation into Yakima in May 2018 after receiving a breach notification report that [...]
When a covered entity or business associate makes the HIPAA Wall of Shame for a significant breach or violation, it often results in huge fines. In some cases, the breaches and resulting fines resulted from organizations knowingly violating HIPAA regulations and just hoping they wouldn’t get caught. However, many violations and fines occur because people thought they were doing enough to be compliant. Do the regulators [...]
This year, the Department of Health and Human Services’ Office for Civil Rights (OCR) resolved 14 enforcement actions it had filed against healthcare providers, health plans, and clinical labs. OCR resolved all but one of these 13 through entering into a Settlement Agreement with the covered entity. In the remaining action, OCR imposed a civil monetary penalty on the provider. The lessons from 2021 HIPAA fines are three-fold: [...]
Two printing companies settled with New Jersey over an incident that exposed protected medical and client information. Under the state HIPAA settlement, Command Marketing Innovations, LLC (CMI) and Strategic Content Imaging, LLC (SCI) agreed to pay a $130,000 fine and implement more robust security policies. Why Were They Fined? The incident that led up to the state HIPAA settlement occurred when the [...]
On September 10, 2021, the Department of Health and Human Services Office for Civil Rights (OCR) announced the issuance of another right of access fine. The OCR HIPAA investigation led to the twentieth right of access fine issued since the 2019 right of access enforcement initiative was announced. Children's Hospital & Medical Center OCR HIPAA Investigation In May 2020, the OCR received [...]
In late March of 2021, the Department of Health and Services (HHS) Office for Civil Rights (OCR) settled with New Jersey-based Village Plastic Surgery (VPS) for a potential violation of the HIPAA right of access rule. The $30,000 settlement requires VPS to undergo a two-year corrective plan (CAP). The details of the settlement are discussed below. Village Plastic Surgery HIPAA Right of Access Rule Violation [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights recently announced its seventeenth settlement of an enforcement action under its HIPAA Right of Access Initiative. The Arbour, Inc., doing business as Arbour Hospital (Arbour), has agreed to pay $65,000 to settle a potential right of access standard violation. Arbor has also agreed to submit to a one-year corrective action plan (CAP). More details on the [...]
In February of 2021, Sharp HealthCare, doing business as Sharp-Rees Stealy Medical Centers (SRMC), paid $70,000 to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) to settle a potential violation of the HIPAA Privacy Rule right of access standard. The Sharp settlement has become OCR’s sixteenth settlement under OCR’s right of access initiative. Under this initiative that began in 2019, OCR continues to [...]
Not-for-profit Nevada health system Renown Health, P.C., has agreed to pay $75,000 to the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) to settle a potential violation of the HIPAA Privacy Rule right of access provision. The settlement is a product of HHS’ Right of Access Initiative. Under this initiative, OCR established cracking down on providers who fail to grant timely patient access to [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights enforces HIPAA compliance by imposing civil monetary penalties (CMPs) on HIPAA covered entities for violations of the HIPAA Privacy and Security Rules. Practices may appeal the monetary determination in civil court. Almost all appeals to date have been unsuccessful. Almost. On January 14, 2021, the United States Court of Appeals for the Fifth Circuit (“5th Circuit”) [...]
