News & Analysis as of May 12, 2025

Electronic Protected Health Information (ePHI)

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Shook, Hardy & Bacon L.L.P. on 3/4/2025

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on 2/24/2025

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Cybersecurity May Be OCR’s New Year’s Resolution

Carlton Fields on 1/21/2025

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) appears to have made cybersecurity its New Year’s resolution. The first few weeks of 2025 have already brought with them proposed amendments to...more

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis...

Wyrick Robbins Yates & Ponton LLP on 1/14/2025

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule. As we...more

Right To Know - December 2024, Vol. 24

Clark Hill PLC on 12/20/2024

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on 11/21/2024

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on 11/11/2024

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on 10/8/2024

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

[Event] 15th Annual Advanced Forum on Managed Care Disputes and Litigation - May 2nd - 3rd, Chicago, IL

American Conference Institute (ACI) on 3/4/2024

ACI’s Advanced Forum on Managed Care Disputes and Litigation offers an unparalleled learning experience, specifically designed for the MCO legal community. Attend and develop winning legal strategies and business best...more

2024 Privacy Law Preview

WilmerHale on 1/17/2024

As we have detailed previously, 2023 was a landmark year for privacy law, featuring numerous developments at the federal, state and international levels, ranging from newly enacted statutes to massive regulatory enforcement...more

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

Dorsey & Whitney LLP on 1/4/2024

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more

OCR Enforcement Action Likely: Reminder of Steps to Take Now

Baker Donelson on 10/3/2023

Are you a health care provider, business associate, or other entity subject to the requirements of the Health Insurance Portability and Accountability Act (HIPAA) regarding the use and disclosure of protected health...more

NYAG Issues Fine Against Law Firm for Data Breach

Robinson+Cole Data Privacy + Security Insider on 3/30/2023

New York Attorney General Letitia James announced on March 27, 2023 that she had levied a fine against law firm Heidell, Pittoni, Murphy & Bach LLP for failing to secure personal and health information of clients exposing the...more

Attorneys General Bring Multistate Data Breach Settlement Against DNA Testing Lab

WilmerHale on 2/23/2023

On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more

[Virtual Event] Healthcare Enforcement Compliance Conference - November 7th - 9th, 8:55 am - 3:30 pm CST

Health Care Compliance Association (HCCA) on 9/1/2022

Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us virtually at HCCA’s Annual Healthcare Enforcement Compliance...more

When the Feds Find Out! Lack of Data Security Leads to Novel and Hefty Settlements

Polsinelli on 3/22/2022

The Federal Government continues ramping up enforcement of data security requirements by deploying significant new enforcement theories and tools in support of cyber and data security controls required by federal law....more

[Event] Richmond Regional Healthcare Compliance Conference - December 10th, Richmond, VA

Health Care Compliance Association (HCCA) on 11/2/2021

Our one-day Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational...more

OCR Investigator: Goal Is to Uncover ‘Root Cause,’ Remedy Harm From Violations

Health Care Compliance Association (HCCA) on 5/7/2021

Report on Patient Privacy 21, no. 5 (May 2021) - Given the hundreds of thousands of HIPAA covered entities (CEs) and business associates (BAs) and the two dozen or so enforcement actions the HHS Office for Civil Rights...more

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

Health Care Compliance Association (HCCA) on 1/26/2021

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

Report on Patient Privacy Volume 21, Number 1. Privacy Briefs: January 2021

Health Care Compliance Association (HCCA) on 1/14/2021

Report on Patient Privacy 18, no. 1 (January 2021) - The HHS Office for Civil Rights (OCR) settled its 13th enforcement action in its Right of Access Initiative, first announced in 2019 to support individuals’ rights to...more

New Enforcement Threat: 'Coordinated' AGs Pursuing Settlements Following Big Breaches

Health Care Compliance Association (HCCA) on 12/18/2020

Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more

[Virtual Event] 2021 Regional Healthcare Compliance Conference - Portland, OR - February 5th, 8:25 am - 5:30 pm PST

Health Care Compliance Association (HCCA) on 12/11/2020

Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more

Compliance: Top Takeaways from Foley and PYA’s Annual “Let’s Talk Compliance” Event

Foley & Lardner LLP on 2/11/2020

For the second year in a row, Foley & Lardner LLP and PYA hosted a compliance master class on various health-related compliance issues. “Let’s Talk Compliance” is an annual one-day event featuring a panel of presenters that...more

Latest HIPAA Compliance & Enforcement Trends

Bass, Berry & Sims PLC on 4/25/2019

Enforcement activity by the Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) showed no signs of slowing throughout 2018 and has already picked up speed in 2019. More recent and significant actions...more

OCR Recovers $28.7 Million from 2018 HIPAA Enforcement Actions

King & Spalding on 2/22/2019

According to a summary released by the HHS Office for Civil Rights (OCR), in 2018, OCR settled 10 cases and was granted summary judgment in one case totaling $28.7 million in recoveries for alleged violations of the Health...more

27 Results

View per page

Page: of 2

Cybersecurity › Enforcement Actions › Electronic Protected Health Information (ePHI)

"My best business intelligence, in one easy email…"