News & Analysis as of

OCR Settles Potential HIPAA Violations with County Government for $215,000

To start 2014, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement of the year and its first settlement with a county government – signaling that even local...more

Settlement Emphasizes the Need for HIPAA Risk Management

A HIPAA violation involving a health plan’s failure to erase protected health information from photocopier hard drives has resulted in a $1.2 million settlement. Your risk can be significantly reduced if you adopt and...more

Health plan pays for failing to erase data on leased equipment: two takeaways for companies handling electronic PHI

The Office for Civil Rights (OCR) has announced a settlement between the US Department of Health and Human Services and Affinity Health Plan, Inc. to address potential violations of the Health Insurance Portability and...more

HIPAA security violations result in $1.7 million settlement

On July 8, 2013, WellPoint, Inc., a managed care company (“WellPoint”), agreed to pay a $1.7 million fine to settle a self-reported breach of HIPAA, a key federal health privacy law, that led to the unauthorized disclosure of...more

WellPoint agrees to pay $1.7M in HIPAA penalties: what this tells you

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has announced that WellPoint, Inc. agreed to pay $1.7 million to settle potential violations of the Health Insurance Portability and...more

Is Your Firewall On? Are You Sure? Idaho State University Settles Privacy Rule Violations for $400,000

The HHS Office of Civil Rights (OCR) recently announced a $400,000 settlement with Idaho State University (ISU) following a lengthy investigation of the privacy and security practices at ISU outpatient clinics. In addition to...more

OCR Settles with Shasta Regional Medical Center for $275,000

The HHS Office of Civil Rights (OCR) recently announced a $275,000 settlement with Shasta Regional Medical Center (SRMC) on the heels of an investigation triggered by a Los Angeles Times article indicating that senior...more

Under HIPAA, You Have the Right to Remain Silent

Last week a regional California medical center entered a $275,000 settlement for disclosing patient information to the media, spotlighting HIPAA’s tight reign over covered health providers even when they try to defend their...more

HHS Reaches $400,000 Settlement Of Alleged HIPAA Security Rule Violations For Disabling Firewall Protections

The U.S. Department of Health and Human Services (HHS) has reported a $400,000 settlement with Idaho State University (ISU) for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

U.S. Department of Health and Human Services Announces First HIPAA Breach Settlement Involving Fewer than 500 Patients

On January 2, 2013, the U.S. Department of Health and Human Services ("HHS") settled its first case involving the unauthorized disclosure of the electronic protected health information ("ePHI") of fewer than 500 individuals....more

OCR'S Breach Settlement: The First Ever Involving Less Than 500 Patients

The HHS Office for Civil Rights (OCR) started 2013 with a bang by announcing that it had reached "the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500...more

Health Law Alert: Deficient Data Security On Mobile Devices Leads To First HIPAA Breach Settlement Involving Less Than 500...

On January 2, 2013, the U.S Department of Health and Human Services, Office of Civil Rights (OCR) announced its first HIPAA breach settlement involving less than 500 patients. OCR took action against a hospice provider in...more

First HHS OCR Settlement for HIPAA Breach Involving Less Than 500 Patients Sends Message to Providers

On January 2, 2013, HHS announced that the Hospice of North Idaho (HONI) agreed to pay $50,000 and enter into a Corrective Action Plan (CAP) as part of a settlement involving a breach of unsecured electronic protected health...more

Health Law Update — January 10, 2013

In This Issue: - Healthcare Provisions in the American Taxpayer Relief Act - the Good, the Bad and the Ugly - American Taxpayer Relief Act Amends Overpayment Recovery Time Limits - OIG Advisory Opinion Sheds...more

First-Ever HIPAA Settlement Involving Fewer Than 500 Patients Announced

On January 2, 2013, the U.S. Department of Health and Human Services (HHS) announced a settlement with the Hospice of North Idaho (HONI) for potential HIPAA violations....more

OCR Reaches $50,000 Settlement with Hospice for Small Data Breach

Enforcement action sends a strong message to the healthcare industry and reaffirms the need for security risk analysis and mobile-device security policies and procedures....more

OCR's Breach Settlement the First Ever Involving Less than 500 Patients

OCR started 2013 with a bang by announcing that it had reached “the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals” with the Hospice of...more

First OCR Settlement Involving a “Small” Breach Focuses on Mobile Device Security

In what is best understood as a follow-up to both the recent settlement with MEEI and the release of its mobile device security guidance, HHS OCR recently released details of a settlement reached with the Hospice of Northern...more

Small Data Breach Leads to $50,000 HHS Settlement for Hospice

In what HHS declares as “the first settlement involving a breach of unprotected electronic protected health information (ePHI) affecting fewer than 500 individuals,” the Office for Civil Rights (OCR) reached a $50,000...more

Health Law Alert: Medicaid Pays $1,700,000 to Settle HIPAA Security Violations

In its first enforcement action against a state agency, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) settled last month with Alaska’s Department of Health and Social Services (DHSS) for...more

20 Results
|
View per page
Page: of 1