News & Analysis as of

HIPAA Breach Settlement Agreements

Epstein Becker & Green

FTC Brings Enforcement Action under FTC Act and Health Breach Notification Rule Based on GoodRx’s Use of Advertising Tracking...

On February 1, 2023, the FTC announced a proposed $1.5 million settlement with GoodRx Holdings, based on alleged violations of the Federal Trade Commission Act (“FTC Act”) and Health Breach Notification Rule (“HBNR”) for...more

Robinson+Cole Data Privacy + Security Insider

Community Health Systems, Inc. Settles for $5 M in Multi-State Settlement

On October 8, 2020, New Jersey Attorney General Gurbir Grewal (AG) announced that his office has entered into a multi-state settlement agreement with Community Health Systems, Inc. (CHS) stemming from an investigation of a...more

Robinson+Cole Data Privacy + Security Insider

Premera Blue Cross Settles with OCR for $6.85 Million for Breach of 10.4 Million Records

Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4...more

Robinson+Cole Data Privacy + Security Insider

Athens Orthopedic Settles with OCR for $1.5M for Data Breach

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more

Bricker Graydon LLP

OCR announces second-largest HIPAA breach settlement

Bricker Graydon LLP on

On September 25, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced that it reached a settlement with Premera Blue Cross (PBC), a health plan operating in Washington and Alaska,...more

Foley Hoag LLP - Security, Privacy and the...

HIPAA Business Associate Pays $2.3 Million to Settle Breach Affecting Protected Health Information of Over 6 Million Individuals

With apologies to John Donne, ask not for whom the bells tolls, HIPAA business associates, it tolls for thee! While it has been the law for some time that business associates could be held directly liable for breaches,...more

K&L Gates LLP

K&L Gates Triage: HIPAA: Do Hospitals Need a Business Associate Agreement with their Health System Parent Corporation?

K&L Gates LLP on

In this week’s episode, Rebecca Schaefer and Hannah Maroney discuss a string of recent HIPAA enforcement actions which demonstrate that the HHS Office of Civil Rights (OCR), the agency tasked with enforcing HIPAA, is...more

Robinson+Cole Data Privacy + Security Insider

Size Doesn’t Matter for OCR Enforcement Actions

Small health care organizations may think they are under the radar of the Office for Civil Rights (OCR), but a settlement the OCR agreed to last week should disabuse small health care providers of that notion....more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert | December 2019

SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more

Faegre Drinker Biddle & Reath LLP

$3 Million OCR HIPAA Settlement Due to Lost Flash Drive and Stolen Laptop

The University of Rochester Medical Center (URMC) and the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Service (HHS) entered into a $3 million no-fault settlement agreement and two year corrective...more

Health Care Compliance Association (HCCA)

Report on Medicare Compliance Volume 28, Number 36. News Briefs - October 2019

- Fresenius Medical Care North America Inc. has agreed to pay $5.2 million to settle allegations that it tested dialysis patients for Hepatitis B surface antigen more often than medically necessary and billed Medicare for the...more

Bricker Graydon LLP

Attorney General Yost announces multistate data breach settlement with Premera

Bricker Graydon LLP on

Ohio Attorney General Dave Yost recently announced a multistate settlement that will require health insurance company Premera Blue Cross to pay $10 million following a breach of protected health information (PHI). According...more

Robinson+Cole Data Privacy + Security Insider

Premera Blue Cross Settles for $10M with 30 States for 2014 Data Breach

Following an investigation led by the Washington Attorney General, Premera Blue Cross has agreed to pay $10 million to 30 states after experiencing a data breach in 2014 that compromised the Protected Health Information of...more

Shook, Hardy & Bacon L.L.P.

Privacy and Data Security Alert | June 2019 #2

Maine Bill Requires ISPs to Obtain Opt-In Consent from Customers - The Maine legislature has passed a bill that requires internet service providers (ISPs) operating in Maine to obtain express, affirmative consent from...more

Ballard Spahr LLP

HIPAA Guidance and Enforcement: A New Alignment?

Ballard Spahr LLP on

The Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health...more

Ballard Spahr LLP

A Modest HIPAA Settlement

Ballard Spahr LLP on

The Office of Civil Rights of the Department of Health and Human Services (OCR) announced that it has entered into a settlement with a business associate that provides electronic medical records services to health care...more

Faegre Drinker Biddle & Reath LLP

Business Associate Failed to Safeguard 3.5 Million Patients’ Medical Records

Medical Informatics Engineering, Inc. and its wholly-owned subsidiaries (MIE) and the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS-OCR) entered into a $100,000 settlement and two-year...more

Sheppard Mullin Richter & Hampton LLP

HHS Announces First HIPAA Breach Settlement of 2019; 300,000 Patients Affected

On May 6, 2019, the U.S. Department of Health and Human Services announced that Touchstone Medical Imaging will pay $3 million to settle potential HIPAA violations associated with a breach that exposed more than 300,000...more

Ballard Spahr LLP

OCR Announces $3 Million HIPAA Enforcement Settlement for Breach of 300,000 Patients’ PHI

Ballard Spahr LLP on

On May 6, 2019, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an agreement  with Touchstone Medical Imaging, LLC (Touchstone)...more

Ballard Spahr LLP

HIPAA Enforcement Outlook for 2019 and Beyond

Ballard Spahr LLP on

After announcing that its HIPAA enforcement collections had reached a new high-water mark of $28.7 million in 2018, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services has started this year...more

Carlton Fields

2018 Was A Record Year in HIPAA Enforcement

Carlton Fields on

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services recently announced that 2018 was a significant year in Health Insurance Portability and Accountability Act (HIPAA) enforcement activity. ...more

Ballard Spahr LLP

OCR Closes the Book on 2018 With $3 Million HIPAA Settlement

Ballard Spahr LLP on

On February 7, 2019, the Office of Civil Rights (OCR) of the U.S. Department of Health and Human Services published the resolution agreement for its final HIPAA settlement of 2018. ...more

Ballard Spahr LLP

A Pair of Year-End HIPAA Settlements

Ballard Spahr LLP on

A relatively quiet year for HIPAA enforcement is ending with a small flourish.  The Office of Civil Rights of the Department of Health and Human Services (HHS) has announced two settlements with covered entities within the...more

Mintz - Health Care Viewpoints

Another HIPAA Settlement for Failure to Enter Into a BAA

Last week, the Office for Civil Rights (OCR) announced that it had reached a settlement with a contract physician group based in Florida to resolve potential HIPAA violations relating to the sharing of protected health...more

Bricker Graydon LLP

Failure to terminate access of departing employee leads to HIPAA penalty

Bricker Graydon LLP on

A critical access hospital in Colorado will pay $114,000 in a settlement with the Office of Civil Rights (OCR) stemming from the failure to terminate a former employee’s access to a hospital database containing protected...more

38 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide