News & Analysis as of

Protected Health Information Enforcement Actions

BakerHostetler

Record-Breaking $1.55M CCPA Settlement Against Health Information Website Publisher

BakerHostetler on

On July 1, the California attorney general (CA AG) announced the largest CCPA settlement to date, $1.55 million, and the first settlement against a website publisher, Healthline Media LLC (Healthline)....more

Wilson Sonsini Goodrich & Rosati

Texas District Court Vacates 2024 HIPAA Rule Designed to Enhance Reproductive Healthcare Privacy, Effective Nationwide

On June 18, 2025, the United States District Court for the Northern District of Texas vacated most of the rules designed to enhance reproductive healthcare privacy promulgated by the U.S. Department of Health and Human...more

Rivkin Radler LLP

OCR Announces $800,000 HIPAA Settlement with Florida Health System

Rivkin Radler LLP on

The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced another settlement for alleged violations of HIPAA. OCR investigated BayCare Health System, which serves central Florida, after a...more

Blake, Cassels & Graydon LLP

New Guidance From Ontario’s Information and Privacy Commissioner on Privacy Management for Small Healthcare Organizations

Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more

Warner Norcross + Judd

Federal Court Vacates HIPAA Rule on Reproductive Health Care Privacy

Warner Norcross + Judd on

Last year, the federal Office for Civil Rights (OCR) modified the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule to strengthen protections for reproductive health care information (the “2024 Rule”)....more

Foley & Lardner LLP

HIPAA Risk Analyses for Digital Health: Navigating AI, M&A and Vendor Diligence

Foley & Lardner LLP on

Share on Twitter Share by Email Share Back to top HIPAA Security Risk Analyses (SRAs) should be the foundation of every digital health company’s cybersecurity compliance. Far more than a checkbox exercise, a comprehensive SRA...more

Health Care Compliance Association (HCCA)

From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math

A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more

Baker Donelson

Insider Threats Are Just as Dangerous as Ransomware – Lessons from the Latest OCR HIPAA Settlement

Baker Donelson on

What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more

Holland & Knight LLP

U.S. Health Data Affected by New National Security Restrictions on International Data Transfers

Holland & Knight LLP on

Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more

Wyrick Robbins Yates & Ponton LLP

ConnectiCut to the Chase: Lessons from the Connecticut AG's Latest CTDPA Enforcement Report

On April 17, 2025, the Connecticut Office of the Attorney General (“OAG”) released an Updated Enforcement Report Pursuant to the Connecticut Data Privacy Act (“Report”). The Report, the second issued by OAG (read our...more

Sheppard Mullin Richter & Hampton LLP

Immigration Enforcement and Healthcare Facilities: Key Considerations for Providers

Recent changes in federal immigration enforcement practices have prompted renewed attention to how healthcare providers manage requests from law enforcement agencies. While federal policy continues to recognize healthcare...more

Gardner Law

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

Husch Blackwell LLP

ICE at Healthcare Facilities: What Should You Do

Husch Blackwell LLP on

In 2003, Congress created the Department of Homeland Security (DHS). Within the DHS is the interior enforcement arm, U.S. Immigration and Customs Enforcement (ICE), that enforces federal laws governing border control,...more

Health Care Compliance Association (HCCA)

We’ll Take the Fine: OCR’s ‘Unwarranted,’ Costly Demands Prompted Hospital’s $538K Payment

The saga that led Children’s Hospital Colorado to accept a fine of more than $500,000 imposed by the HHS Office for Civil Rights (OCR) began on July 11, 2017, when a physician’s email account containing details on 3,300...more

Holland & Knight LLP

Government Contracts Enforcement: DOJ Publishes FY 2024 False Claims Act Statistics

Holland & Knight LLP on

The U.S. Department of Justice (DOJ or the Department) has published statistics on False Claims Act (FCA) settlements and judgments for fiscal year (FY) 2024, a year in which the Department saw the highest number of qui tam...more

Shipman & Goodwin LLP

Immigration Enforcement for Health Care Facilities

Shipman & Goodwin LLP on

The Trump Administration’s flurry of executive orders directing the implementation of immigration policy objectives to carry out the “largest domestic deportation operation in American history” has many hospitals and other...more

Wyrick Robbins Yates & Ponton LLP

Analyze This: OCR Kicks Off 2025 with Two New HIPAA Enforcement Actions Against Business Associates as Part of New Risk Analysis...

Just two weeks into the year, 2025 is already shaping up to be a busy year for privacy lawyers, especially those tasked with helping covered entities and business associates comply with the HIPAA Security Rule.  As we...more

Robinson+Cole Data Privacy + Security Insider

OCR Active with Settlements and Enforcement Actions in November and Early December

The Office for Civil Rights of the Department of Health and Human Services (OCR) was busy negotiating and settling enforcement actions in November and early December. Since October 31, 2024, the OCR has settled five separate...more

Quarles & Brady LLP

HHS Office for Civil Rights Reaffirms Interest in Enforcement Related to Reproductive Health Information

Quarles & Brady LLP on

On December 2, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) announced a settlement with Holy Redeemer Family Medicine, a Pennsylvania covered entity, regarding an alleged violation...more

Holland & Knight LLP

HIPAA Tidings: A Look at OCR's Recent Enforcement Actions

Holland & Knight LLP on

In addition to holiday celebrations, the month of December typically ushers in a final round of enforcement actions by the U.S. Department of Health and Human Services' (HHS) Office of Civil Rights (OCR), and 2024 is no...more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

BakerHostetler

DSIR Deeper Dive: Tracking the Crackdown on Tracking/Pixel Technologies: Web Litigation and Regulatory Landscape - Part 2

BakerHostetler on

In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more

Saul Ewing LLP

No “Trick”: Plastic Surgery Practice Agrees to Pay a $500,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On October 31, 2024, the U.S. Department of Health and Human Services (“HHS”), Office of Civil Rights (“OCR”) announced a $500,000 settlement with Plastic Surgery Associates of South Dakota (“PSA”) concerning potential...more

210 Results
 / 
View per page
Page: of 9

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide