News & Analysis as of

Office of Civil Rights HIPAA Security Rule Penalties

Ogletree, Deakins, Nash, Smoak & Stewart,...

2025 Enforcement Trends: Risk Analysis Failures at the Center of HHS’s Multimillion-Dollar HIPAA Penalties

Ogletree, Deakins, Nash, Smoak & Stewart,... on

In the first five months of 2025, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) announced it had entered into ten Health Insurance Portability and Accountability Act (HIPAA) resolution...more

Health Care Compliance Association (HCCA)

Former OCR Director Fontes Rainer Reflects On ‘Imperfect’ RSP Law, Urges Final Security Reg

Health Care Compliance Association (HCCA) on

In October, the HHS Office for Civil Rights (OCR) fined Providence Medical Institute (PMI) $240,000, an amount that reflected a 20% discount for having “recognized security practices” (RSPs) in place. But many more covered...more

Lippes Mathias LLP

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

BakerHostetler

It’s Officially Enforcement Season: OCR Announces First Penalty Under New Risk Analysis Initiative

BakerHostetler on

On October 31, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) embraced the end of Spooky Season by announcing two more ransomware-related enforcement actions. ...more

Holland & Hart LLP

Avoiding HIPAA Penalties: A Checklist for Covered Entities

Holland & Hart LLP on

The HIPAA Privacy, Security, and Breach Notification Rules apply to healthcare providers who engage in certain electronic transactions, healthcare clearinghouses, and health plans, including employee group health plans with...more

Holland & Hart LLP

Business Associate Agreements: Requirements and Suggestions

Holland & Hart LLP on

The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more

Ballard Spahr LLP

HIPAA 2019 Year in Review: OCR’s Enforcement of HIPAA Security Rule

Ballard Spahr LLP on

Although the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) may yet announce one or two year-end settlements, it appears that 2019 will be known more for the implementation of changes in...more

Holland & Hart - Health Law Blog

Encrypt Your Devices or Face HIPAA Penalties

Holland & Hart - Health Law Blog on

This week, the Office for Civil Rights (“OCR”) announced a $3,000,000 HIPAA settlement arising from a medical center’s loss of an unencrypted laptop and flash drive. This is simply the latest of many HIPAA settlements based...more

8 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide