HIPAA Settlement
Anthem Pays OCR $16 Million in Record HIPAA Settlement Following Largest U.S. Health Data Breach in History
Anthem, Inc. has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules after a series of cyberattacks led to the largest U.S. health…
Read MoreFailure to Protect Health Records Costs Covered Entity Millions and Leads to Bankruptcy
21st Century Oncology, Inc. (21CO) has agreed to pay $2.3 million in lieu of potential civil money penalties to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) and adopt a comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and…
Read MoreWhistleblowers Awarded Over $1 Million for Reporting Former Employer for Violations Under the False Claims Act
WASHINGTON – Pine Creek Medical Center LLC (“Pine Creek”), a physician-owned hospital serving the Dallas/Fort Worth area, has agreed to pay $7.5 million to resolve claims that it violated the False Claims Act by paying physicians kickbacks in the form of marketing services in exchange for surgical referrals, the Department of Justice announced today. “Health…
Read MoreCareless handling of HIV information jeopardizes patient’s privacy, costs hospital $387k
St. Luke’s-Roosevelt Hospital Center Inc. (St. Luke’s) has paid the U.S. Department of Health and Human Services (HHS) $387,200 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule and agreed to implement a comprehensive corrective action plan. St. Luke’s operates the Institute for Advanced Medicine, formerly Spencer…
Read More$2.5 million settlement shows that not understanding HIPAA requirements creates risk
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced a Health Insurance Portability and Accountability Act of 1996 (HIPAA) settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI). CardioNet has agreed to settle potential noncompliance with the HIPAA Privacy and Security Rules by paying $2.5…
Read More$5.5 million HIPAA settlement shines light on the importance of audit controls
Memorial Healthcare System (MHS) has paid the U.S. Department of Health and Human Services (HHS) $5.5 million to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and agreed to implement a robust corrective action plan. MHS is a nonprofit corporation which operates six hospitals, an…
Read MoreFirst HIPAA enforcement action for lack of timely breach notification settles for $475,000
The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced the first Health Insurance Portability and Accountability Act (HIPAA) settlement based on the untimely reporting of a breach of unsecured protected health information (PHI). Presence Health has agreed to settle potential violations of the HIPAA Breach Notification Rule by paying…
Read MoreOCR announces largest ever HIPAA settlement with a single covered entity
Last month, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced two large settlements with covered entities to resolve alleged HIPAA violations. However, even the $2.7 million and $2.75 million settlements at OHSU and UMMC were small in comparison to the latest enforcement action. OCR has just announced it has agreed…
Read MoreWidespread HIPAA vulnerabilities result in $2.7 million settlement with Oregon Health & Science University
Oregon Health & Science University (OHSU) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules following an investigation by the U.S. Department of Health and Human Services Office for Civil Rights (OCR) that found widespread and diverse problems at OHSU, which will be…
Read More$750,000 settlement highlights the need for HIPAA business associate agreements
Raleigh Orthopaedic Clinic, P.A. of North Carolina (Raleigh Orthopaedic) has agreed to pay $750,000 to settle charges that it potentially violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule by handing over protected health information (PHI) for approximately 17,300 patients to a potential business partner without first executing a business associate…
Read More