Our Blog
HIPAA Compliant News Articles and Enforcement
OCR Phase 2 HIPAA Audits: Documentation Requests Issued
The Department of Health and Human Services’ Office for Civil Rights (OCR) has now selected covered entities from its pool of eligible organizations and has chosen 167 for a HIPAA compliance audit. Covered entities selected for a compliance audit have now been notified by email. Those organizations now have just 10 days to respond to…
Widespread HIPAA vulnerabilities result in $2.7 million settlement with Oregon Health & Science University
Oregon Health & Science University (OHSU) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules following an investigation by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) that found widespread and diverse problems at OHSU, which will be…
Philadelphia Business Associate Agrees to $650,000 OCR Settlement
On June 24, 2016, the Department of Health and Human Services’ Office for Civil Rights (OCR) published details of a resolution agreement that was reached with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS). CHCS has agreed to settle alleged HIPAA violations with the OCR and has agreed to implement a Corrective Action…
National Health Care Fraud Takedown Results in Charges against 301 Individuals for Approximately $900 Million in False Billing
Most Defendants Charged and Largest Alleged Loss Amount in Strike Force History Attorney General Loretta E. Lynch and Department of Health and Human Services (HHS) Secretary Sylvia Mathews Burwell announced today an unprecedented nationwide sweep led by the Medicare Fraud Strike Force in 36 federal districts, resulting in criminal and civil charges against 301 individuals,…
North Richland Hills Physician Admits Role in Health Care Fraud Conspiracy
DALLAS, Texas — A licensed physician from North Richland Hills, Texas, Byron Felton Conner, 48, pleaded guilty today to one count of conspiracy to commit health care fraud stemming from a scheme to defraud Medicare through the submission of false claims for physician home visits and home health care services. The announcement was made today…
Aspen Hospital Sued for HIPAA Breach by Former Employee
A healthcare IT worker formerly employed by Aspen Hospital is suing the hospital and five of its employees for an alleged HIPAA breach after it was disclosed he had contracted HIV. The former employee, only identified as John Doe in the suit, was also a patient at the hospital. His attorneys, Mari Newman, Darold Killmer…
Hacking Incident Impacts 68,000 Patients at Medical Colleagues of Texas
Medical Colleagues of Texas, a physicians’ group in Katy, TX., has discovered an unauthorized individual gained access to its system containing the records of more than 68,000 patients. The exact nature of the incident has not been disclosed and an investigation into the security breach is ongoing. The physicians’ group was unaware how access was…
Ransomware Claims Another Healthcare Victim
This year a number of healthcare organizations have had vital data locked by malicious file-encrypting software. In February, Hollywood Presbyterian Medical Center felt there was little alternative but to pay a ransom to attackers to obtain decryption keys to unlock files that had been locked with ransomware. The attackers issued a Bitcoin ransom demand of…
$750,000 settlement highlights the need for HIPAA business associate agreements
Raleigh Orthopaedic Clinic, P.A. of North Carolina (Raleigh Orthopaedic) has agreed to pay $750,000 to settle charges that it potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule by handing over protected health information (PHI) for approximately 17,300 patients to a potential business partner without first executing a business associate…