2020 Violations of the HIPAA Privacy and Security Rules

In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. Two of the fines issued were hybrids - based on violations of the HIPAA Privacy and Security Rules in equal measure. These HIPAA fines are discussed below. Aetna and Violations of the HIPAA Privacy and Security Rules [...]

2022-05-06T14:44:10-04:00January 20th, 2021|

OCR 2020 and HIPAA Security Rule Violations

In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. Six of the fines announced in 2020 were principally issued for failure to comply with the HIPAA Security Rule’s requirement to conduct a security risk assessment and to track and inventory network devices. The message of OCR 2020: Keep patient records [...]

2022-05-06T14:44:10-04:00January 19th, 2021|

$5.1 Million Fine Announced for HIPAA Data Breach

The Department of Health and Human Services (HHS) Office for Civil Rights has entered into a settlement with the Excellus Health Plan, under which Excellus has agreed to pay $5.1 million and to enter into a corrective action plan. The settlement was prompted by an OCR investigation that found widespread noncompliance with provisions of the HIPAA Privacy and Security Rules. As a result of the noncompliance, the data [...]

2022-05-06T14:44:10-04:00January 15th, 2021|

First OCR Settlement Agreement of 2021 Announced

It’s not surprising that OCR kicked off 2021 by announcing yet another right of access fine. The fourteenth fine issued under OCR’s right of access initiative was a $200,000 fine issued to Banner Health ACE. The OCR settlement agreement is discussed in detail below. Banner Health ACE OCR Settlement Agreement Banner Health affiliated covered entities (Banner Health ACE), a non-profit health system with 30 hospitals, and primary [...]

2022-05-06T14:44:11-04:00January 13th, 2021|

OCR HIPAA Enforcement in 2021

OCR HIPAA enforcement in 2020 was focused on HIPAA right of access violations with 11 fines issued in 2020 citing this type of violation. Although right of access fines will likely continue, the OCR is bound to shift its focus in the year to come. OCR HIPAA enforcement in 2021 is discussed to provide healthcare organizations with guidance on what may be to come. OCR HIPAA Enforcement in [...]

2022-05-06T14:44:11-04:00January 12th, 2021|

2020 Right of Access Enforcement

2020 has been an unenviable year of firsts and of worsts. Add to this another undesirable record-breaker. In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. 11 of the fines issued were for a failure to comply with the HIPAA Privacy Rule’s right of access. The message of OCR 2020 [...]

2022-05-06T14:44:11-04:00January 11th, 2021|

HIPAA Right of Access Enforcement Continues

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced its thirteenth right of access fine, bringing the 2020 fine total to eighteen fines. The HIPAA right of access enforcement is discussed below. $36,000 Fine Issued Under HIPAA Right of Access Enforcement Peter Wrobel, M.D., P.C., also known as Elite Primary Care, has agreed to a HIPAA settlement to settle right of access violations. [...]

2021-01-12T18:44:19-05:00December 23rd, 2020|

Criminal Scheme Leads to HIPAA Criminal Penalties

Three individuals allegedly gained unauthorized access to a healthcare provider’s electronic health record (EHR) platform with the intent to steal and sell protected health information (PHI). Two separate schemes, both involving Lydia Henslee, earned the alleged criminals millions of dollars. More details regarding the breach and potential HIPAA criminal penalties are discussed. What Allegations Are They Facing? Earlier this month, Demetrius Cervantes and Amanda Lowry, two of the [...]

2022-05-06T14:44:13-04:00December 11th, 2020|

12th Fine Issued Under the HIPAA Right of Access Initiative

The HIPAA Right of Access Initiative has claimed another victim. In September 2019, the HHS’ OCR announced that it would be prioritizing enforcement efforts surrounding the HIPAA Right of Access. Since this announcement, the OCR has issued twelve right of access fines, several of them over the past few months. The latest fine is discussed below. HIPAA Right of Access Initiative Fines University of Cincinnati Medical Center In [...]

2022-02-16T10:44:32-05:00November 20th, 2020|

OCR Right of Access Fine Announcement

The HHS’ OCR continues to step up its enforcement surrounding the HIPAA right of access, announcing its eleventh right of access fine this year. More details on the OCR right of access fine are discussed below.  Dr. Rajendra Bhayani Hit with Latest OCR Right of Access Fine Dr. Rajendra Bhayani, an otolaryngologist that runs a private practice in Rego Park, NY, has agreed to pay a [...]

2022-02-16T10:44:33-05:00November 13th, 2020|