Wait, that’s covered? Insurability of Fines and Penalties Flowing From a Cybersecurity Breach
FCPA Compliance and Ethics Report-Episode 31-the FCPA Year in Review, Corporate Enforcement Actions
FCPA Compliance and Ethics Report-Episode 30-Interview with the FCPA Professor-Part 2
Condo complaints not in writing?
Health Data on Leased Photocopier Costs Company $1.2m—What Others Can Learn
Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
Oklahoma State University’s Center for Health Services recently paid $875,000 to settle potential HIPAA violations after a cyberattack resulted in the unauthorized access of its patients’ protected health information. A...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more
One side effect of the COVID-19 pandemic on data security is that the sudden need to convert the workplace from onsite to remote operations potentially has required many organizations to use older equipment or personal...more
The Office for Civil Rights (OCR) announced that it has fined the Texas Health and Human Services Commission (TXHHS) $1.6 million for HIPAA violations. This is one of the few fines the OCR has levied against a state agency....more
Elite Dental Associates (Elite), located in Dallas, Texas has agreed to settle alleged HIPAA violations with the Office for Civil Rights (OCR) for $10,000....more
The Office for Civil Rights has announced that it has fined Lakeland, Florida based Advanced Care Hospitalists (ACH) $500,000 for an impermissible disclosure of protected health information by one of its business associates. ...more
Another government settlement demonstrates that not having a HIPAA compliance program can be costly. U.S. Department of Health and Human Services (HHS)'s Office for Civil Rights (OCR) announced, on Dec. 4, 2018, that Advanced...more
It was a busy April for the Office for Civil Rights (“OCR”) (see our prior post on a settlement from earlier in April). On April 20, OCR announced a Resolution Agreement with Center for Children’s Digestive Health, S.C....more
The Department of Health and Human Services Office of Civil Rights (“OCR”) fined a Texas hospital $3.2 million for its impermissible disclosure of unsecured electronic protected health information (ePHI) and non-compliance...more
In a rare move by the OCR, it assessed a $3.2 million fine against Children’s Medical Center of Dallas (Children’s) after it issued a Notice of Proposed Determination against Children’s and Children’s failed to request a...more
Oregon Health & Science University (“OHSU”) has paid $2.7 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) to settle allegations that it violated the Health Insurance Portability...more
The possibility of business associates potentially being audited, investigated, and ultimately fined is now a reality. On June 24, 2016, the United States Department of Health and Human Services’ Office of Civil Rights...more
On March 16, 2016, the Office for Civil Rights (OCR) issued a press release announcing that it has settled its investigation of North Memorial Health Care System (NMHCS), located in Minnesota, for $1.55 million saying that...more
Internet-based file-sharing services such as Dropbox and Google Drive can be easy and convenient to use, whether via the touch of an app on a mobile device or by opening a browser on a PC. Healthcare professionals are often...more
New York-Presbyterian Hospital and Columbia University entered into a settlement with the Department of Health and Human Services’ Office of Civil Rights (OCR) to resolve allegations that the organizations had violated the...more
Skagit County in northwest Washington state has been fined $215,000 for violations of the HIPAA privacy, security, and breach notification rules. The U.S. Department of Health and Human Services’ Office for Civil Rights...more
HHS OCR announced today its second resolution agreement of 2013. Shasta Regional Medical Center (SRMC) has agreed to pay $275,000 and enter into a comprehensive corrective action plan (CAP) to settle an investigation opened...more