News & Analysis as of

Cybersecurity Settlement Office of Civil Rights

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Shook, Hardy & Bacon L.L.P. on

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Saul Ewing LLP

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

Health Care Compliance Association (HCCA)

Seven Years After Worldwide NotPetya Attacks, OCR Singles Out PA System, Collects Nearly $1M

Health Care Compliance Association (HCCA) on

Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more

Woods Rogers

“Briefings on HIPAA: Cybersecurity in Healthcare,” HCPro

Woods Rogers on

Principal Liz Heddleston was recently interviewed by HCPro for a story published on April 8, 2024, discussing the rising threat of ransomware attacks for healthcare providers. The story highlights lessons learned from a...more

Health Care Compliance Association (HCCA)

OCR Ends Year With Settlements That Tread Old Ground, Says New Rules Are Coming—Someday

Health Care Compliance Association (HCCA) on

If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more

Clark Hill PLC

Right To Know - January 2024, Vol. 13

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Dorsey & Whitney LLP

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

Dorsey & Whitney LLP on

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more

Arnall Golden Gregory LLP

OCR Settles First Phishing Cyber-Attack Investigation with a Louisiana Medical Group

Arnall Golden Gregory LLP on

On December 7, 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced its first-ever settlement involving a phishing attack under the Health Insurance Portability and...more

Robinson+Cole Data Privacy + Security Insider

HHS Settles with Doctors’ Management Services Over Ransomware Attack

Robinson+Cole Data Privacy + Security Insider on

On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health...more

Robinson+Cole Data Privacy + Security Insider

MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data

Robinson+Cole Data Privacy + Security Insider on

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more

Rivkin Radler LLP

Anthem Agrees to $48 Million Multi-State Settlements Over 2014 Data Breach

Rivkin Radler LLP on

Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more

Saul Ewing LLP

Business Associate Agrees to Pay $2.3 Million to Settle HIPAA Data Breach Affecting Over Six Million People

Saul Ewing LLP on

On September 23, 2020, the Office for Civil Rights (OCR) within the U.S. Department of Health and Human Services (HHS) announced that CHSPSC LLC, (CHSPSC) agreed to pay $2,300,000 and adopt a Corrective Action Plan (CAP) to...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - December 2019 #3

Robinson & Cole LLP on

It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more

Poyner Spruill LLP

HIPAA Breach Settles for $1M in First Settlement Involving State Attorneys General

Poyner Spruill LLP on

Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - February 2019 #2

Robinson & Cole LLP on

To illustrate just how creative phishing campaigns have become, on January 30, 2019, it was reported by multiple credit unions that Bank Secrecy Act officers at credit unions around the country received emails that appeared...more

Patterson Belknap Webb & Tyler LLP

Harbinger or Anomaly? Anthem’s Data Breach Settlement with HHS

Patterson Belknap Webb & Tyler LLP on

Late last week, the Office of Civil Rights for the Department of Health and Human Services (OCR) announced a $16 million settlement with health-insurance company Anthem, Inc. The settlement amount is nearly three times larger...more

Arnall Golden Gregory LLP

HHS OCR Announces a $2.3 Million HIPAA Settlement Bringing the Agency’s Settlement Total for 2017 to Over $19 Million

Arnall Golden Gregory LLP on

On December 28th, the Department of Health and Human Services Office of Civil Rights (OCR) announced a $2.3 million settlement with 21st Century Oncology Inc. (21st Century) to settle potential violations of the HIPAA privacy...more

Mintz - Privacy & Cybersecurity Viewpoints

Gone Phishin’: Hack Leads to HIPAA Settlement

Mintz - Privacy & Cybersecurity Viewpoints on

While your business may indeed be a “victim” when hit by a phishing attack, your enterprise can also be responsible for violations of law associated with the incident. Earlier this week, the HHS Office for Civil Rights...more

Baker Donelson

OCR Examines Hybrid Entity Designation in Latest HIPAA Settlement

Baker Donelson on

On November 22, 2016, the University of Massachusetts Amherst (UMass) agreed to pay $650,000 and enter into a corrective action plan to settle allegations that it violated the HIPAA Privacy and Security Rules in connection...more

Orrick, Herrington & Sutcliffe LLP

HIPAA Security Requirements Aren't Cloudy, Especially to Whistleblowers

Orrick, Herrington & Sutcliffe LLP on

Earlier this month, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced that it had entered into a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton,...more

Dickinson Wright

HIPAA Violation Results in $4.8 Million Settlement

Dickinson Wright on

While most healthcare providers know to pay close attention to the HIPAA rules when setting up their information technology systems, recent events have demonstrated that this close scrutiny should also be applied to computer...more

BakerHostetler

HHS Reaches $400,000 Settlement Of Alleged HIPAA Security Rule Violations For Disabling Firewall Protections

BakerHostetler on

The U.S. Department of Health and Human Services (HHS) has reported a $400,000 settlement with Idaho State University (ISU) for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)...more

24 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide