Compliance and Value-Based Care
Podcast - Data Privacy and Tracking Technology Compliance
Podcast: Discussing the Implications of Healthcare Privacy Violations
Podcast: Discussing Information Blocking with Eddie Williams
AI Risks in Healthcare
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 131: Jordon Ritchie, Chief Executive Officer, Aimedica
Expanded Information Block Rules Go into Effect
Healthcare Privacy Walkthroughs
Podcast: Interoperability: Information Blocking Claims and Enforcement - Diagnosing Health Care
Podcast: Interoperability: Health Care's Next Disruptor Is openEHR - Diagnosing Health Care
Podcast: Interoperability: A New Vision Through openEHR - Diagnosing Health Care
HIPAA Tips With Williams Mullen - Health Care Providers - Are You Ready for a Ransomware Attack?
Hybrid Workforces and Compliance with Sheila Limmroth
Podcast: DOJ Goes After Civil Cyber-Fraud - Diagnosing Health Care
Podcast: Interoperability - the Role of Health Information Exchanges - Diagnosing Health Care
Podcast: Interoperability: The Provider Perspective - Diagnosing Health Care
Podcast–Interoperability: How Far We’ve Come and Where We’re Going - Diagnosing Health Care
Getting Personal—Wearable Devices, Data, and Compliance
Gerry Blass on Healthcare Vendor Risk Management
AGG Talks: Technology - In the Balance: Interoperability and Security
Background - On March 21, 2025, the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) announced a settlement with Health Fitness Corporation (“Health Fitness”), a company that provides wellness...more
Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more
The Office for Civil Rights of the Department of Health and Human Services (OCR) was busy negotiating and settling enforcement actions in November and early December. Since October 31, 2024, the OCR has settled five separate...more
On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more
On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more
In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more
On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more
In December 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a $480,000 settlement with a Louisiana medical group following a phishing incident. In 2021, the medical...more
Happy Holidays! The December Monthly Minute includes a fiduciary checkup reminder and a look at HHS’ recent settlement stemming from a phishing attack that impacted ePHI of nearly 35,000 individuals....more
On December 7, 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced its first-ever settlement involving a phishing attack under the Health Insurance Portability and...more
Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more
On Halloween, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $100,000 settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Doctors’...more
The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
The FTC is Coming Soon to a Phony Earnings Scheme and Celebrity Endorser Near You - The FTC is making good on its promises to protect consumers from phony get-rich-quick opportunities, wrapped in costly training programs,...more
On May 16, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a $350,000 settlement with MedEvolve, Inc., a practice and revenue cycle management and practice analytics software...more
On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more
In one of the final health care-related actions by the Trump Administration, on January 15, 2021, the United States Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced that Excellus Health...more
Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more
On October 30, 2020, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $202,400 Resolution Agreement and Corrective Action Plan (CAP) with the City of New Haven, Connecticut...more
Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more
Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more
Report on Research Compliance 17, no. 1 (January 2020) - Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more
Last week, Indiana based Medical Informatics Engineering, Inc. (MIE) agreed to pay $100,000 to the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). MIE provides electronic health record and related...more