On September 10, 2021, the Department of Health and Human Services Office for Civil Rights (OCR) announced the issuance of another right of access fine. The OCR HIPAA investigation led to the twentieth right of access fine issued since the 2019 right of access enforcement initiative was announced. Children's Hospital & Medical Center OCR HIPAA Investigation In May 2020, the OCR received [...]
Although the HHS has long stressed the importance of ePHI security, with the influx of healthcare breaches, it is clear that many organizations have not heeded the warning. With an increase in breaches across all industries, cybersecurity has become the focus of many government agencies including the HHS. Earlier this month the HHS published its “Summer 2021 Cybersecurity Newsletter” further emphasizing the importance of information access [...]
Since 2019, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has brought a number of enforcement actions against healthcare providers for their failure to comply with the HIPAA Privacy Rule’s right of access standard. This standard requires providers to give patients timely access to their medical records. Recently, OCR announced its 19th settlement under its 2019 right [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) enforces the HIPAA regulations through investigations, civil monetary penalties, and settlements. On April 26, 2021, OCR announced that it had been made aware of postcards being sent to healthcare organizations informing the recipients that they are required to participate in a “Required Security Risk Assessment.” The postcards instruct recipients to send the risk assessment to [...]
The Department of Health and Human Services’ (HHS) Office for Civil Rights recently announced its seventeenth settlement of an enforcement action under its HIPAA Right of Access Initiative. The Arbour, Inc., doing business as Arbour Hospital (Arbour), has agreed to pay $65,000 to settle a potential right of access standard violation. Arbor has also agreed to submit to a one-year corrective action plan (CAP). More details on the [...]
Since the release of the COVID-19 vaccine, healthcare organizations have scrambled to provide patients with timely vaccination. With the difficulties in scheduling vaccines, some providers have turned to non-traditional appointment scheduling platforms, such as Eventbrite. In an effort to ease vaccine initiatives, the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced that, as of December 11, 2020, it will exercise enforcement discretion for [...]
In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. Two of the fines issued were hybrids - based on violations of the HIPAA Privacy and Security Rules in equal measure. These HIPAA fines are discussed below. Aetna and Violations of the HIPAA Privacy and Security Rules [...]
In 2020, the Department of Health and Human Services’ (HHS) Office for Civil Rights issued a record 19 fines for failure to comply with the HIPAA regulations. Six of the fines announced in 2020 were principally issued for failure to comply with the HIPAA Security Rule’s requirement to conduct a security risk assessment and to track and inventory network devices. The message of OCR 2020: Keep patient records [...]
The Department of Health and Human Services (HHS) Office for Civil Rights has entered into a settlement with the Excellus Health Plan, under which Excellus has agreed to pay $5.1 million and to enter into a corrective action plan. The settlement was prompted by an OCR investigation that found widespread noncompliance with provisions of the HIPAA Privacy and Security Rules. As a result of the noncompliance, the data [...]
The HHS’ OCR continues to step up its enforcement surrounding the HIPAA right of access, announcing its eleventh right of access fine this year. More details on the OCR right of access fine are discussed below. Dr. Rajendra Bhayani Hit with Latest OCR Right of Access Fine Dr. Rajendra Bhayani, an otolaryngologist that runs a private practice in Rego Park, NY, has agreed to pay a [...]
© 2023 Compliancy Group LLC. All Rights Reserved | Terms of Use | Privacy Policy
