News & Analysis as of

Protected Health Information Data Breach Settlement

Robinson+Cole Data Privacy + Security Insider

PIH Health Settles HIPAA Violations for $600,000

PIH Health, a health care entity located in California, suffered a data breach in June 2019 when 45 employee email accounts were compromised in a targeted phishing campaign. The accounts contained the protected health...more

Mintz - Health Care Viewpoints

EnforceMintz — Healing Healthcare? DOJ’s Cybersecurity Enforcement Trained Up for 2025

In 2024, the Department of Justice (DOJ) pursued significant enforcement activity under its Civil Cyber-Fraud Initiative (CCFI). As our readers know, the Deputy Attorney General announced the creation of the CCFI in October...more

Robinson+Cole Data Privacy + Security Insider

OCR Active with Settlements and Enforcement Actions in November and Early December

The Office for Civil Rights of the Department of Health and Human Services (OCR) was busy negotiating and settling enforcement actions in November and early December. Since October 31, 2024, the OCR has settled five separate...more

Quarles & Brady LLP

HHS Office for Civil Rights Reaffirms Interest in Enforcement Related to Reproductive Health Information

Quarles & Brady LLP on

On December 2, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced a settlement with Holy Redeemer Family Medicine, a Pennsylvania covered entity, regarding an alleged violation...more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

Saul Ewing LLP

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

Holland & Hart LLP

Business Associate Agreements: Requirements and Suggestions

Holland & Hart LLP on

The HIPAA Privacy and Security Rules generally require covered entities (including most healthcare providers) to execute written agreements (“business associate agreements” or “BAAs”) with their business associates before...more

McGuireWoods LLP

Successive HIPAA Breaches Lead to $1.3 Million Settlement for Nation’s Largest Public Health Plan

McGuireWoods LLP on

On Sept. 11, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced that the Local Initiative Health Authority for Los Angeles County (LA Care) entered into a $1.3 million settlement...more

Ankura

OCR Settlement of HIPAA Violation of Business Associate

Ankura on

On May 16, 2023, the U.S. Department of Health and Human Services (DHHS) through the Office for Civil Rights (OCR) announced a settlement of potential violations of the Health Insurance Portability and Accountability Act...more

Saul Ewing LLP

Health Care Coding and Billing Entity Pays $75,000 Settlement to Resolve HIPAA Data Breach

Saul Ewing LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a settlement on June 28, 2023 of potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy...more

Saul Ewing LLP

No Snooping Nor Snitching Are the Key Takeaways From the Two Most Recent HIPAA Settlements With Covered Entities

Saul Ewing LLP on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently announced two settlements with HIPAA-covered entities – one in Washington State and one in New Jersey with settlements of $240,000...more

Health Care Compliance Association (HCCA)

Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR

Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more

Dinsmore & Shohl LLP

Settlement Reached After 200,000 Affected by HIPAA Breach

Dinsmore & Shohl LLP on

On May 16, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) announced a $350,000 settlement with MedEvolve, Inc., a practice and revenue cycle management and practice analytics software...more

Saul Ewing LLP

Two New HIPAA Settlements Announced by HHS OCR; Including a $350,000 Settlement for a Business Associate

Saul Ewing LLP on

Earlier this month, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced two (2) different settlements, one with a HIPAA business associate for $350,000 and one with a...more

Dorsey & Whitney LLP

HHS OCR Settles HIPAA Investigation with Business Associate for $350,000

Dorsey & Whitney LLP on

Over the past decade, the number of health care data breaches reported to the U.S. Department of Health and Human Services’ Office for Civil Rights (“OCR”) has increased dramatically. From 2009 to 2022, over 5,000 data...more

Robinson+Cole Data Privacy + Security Insider

MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data

On May 17, 2023, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement with MedEvolve, Inc. for $350,000. MedEvolve provides practice and revenue cycle management and practice...more

WilmerHale

Attorneys General Bring Multistate Data Breach Settlement Against DNA Testing Lab

WilmerHale on

On February 17, 2023, the state attorneys general of Pennsylvania and Ohio reached a settlement with Ohio-based DNA Diagnostics Center (“DDC”) for a 2021 data breach that affected 2.1 million individuals nationwide and...more

King & Spalding

Clinical Laboratory Agrees to Settlement with HHS for Potential HIPAA Security Rule Violations Despite Not Being Involved in Data...

King & Spalding on

On May 25, 2021, HHS announced that Peachstate Health Management, LLC, doing business as AEON Clinical Laboratories (Peachstate), agreed to a $25,000 settlement and adoption of a comprehensive Corrective Action Plan for...more

Saul Ewing LLP

Health Insurer Agrees to Pay $5+ Million Settlement Resulting From a Data Breach Affecting More Than Nine Million Individuals and...

Saul Ewing LLP on

In one of the final health care-related actions by the Trump Administration, on January 15, 2021, the United States Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced that Excellus Health...more

Health Care Compliance Association (HCCA)

New Enforcement Threat: 'Coordinated' AGs Pursuing Settlements Following Big Breaches

Report on Patient Privacy 20, no. 12 (December 10, 2020) - In late September, Anthem Inc. entered into a $39.5 million settlement for a 2014 data breach that affected nearly 79 million individuals. About a week later,...more

Robinson+Cole Data Privacy + Security Insider

ShopRite Settles with NJ AG for Data Breach

New Jersey Attorney General (AG) Gurbir S. Grewal announced on November 2, 2020, that his office has settled with ShopRite’s parent company, Wakefern Food Corp. (Wakefern) and two of its supermarket entities for $235,000 for...more

Health Care Compliance Association (HCCA)

Settlement Involves 'Dark Overlord' Hack, Tip by Breach-Tracking Journalist

Report on Patient Privacy 20, no. 10 (October 2020) - September was quite the month for enforcement actions by the HHS Office for Civil Rights (OCR). The agency announced eight settlements totaling more than $10 million....more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - December 2019 #3

Robinson & Cole LLP on

It is being reported that LifeLabs, a Canadian lab company that is the largest provider of laboratory diagnostics and lab testing services in Canada, recently paid an undisclosed ransom to hackers who compromised its computer...more

Health Care Compliance Association (HCCA)

As MD Anderson Keeps Up Its Legal Fight, U. Rochester Pays OCR $3M

Report on Research Compliance 17, no. 1 (January 2020) - Ah, those pesky residents. If you’re a teaching hospital, you can’t live without them, right? But sometimes living with them is mighty costly, as the University of...more

72 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide