Articles and Blogs

Breach Notification Rule

Dropdown arrow
Categories
Subscribe
Dropdown arrow
Tags
Archives

Failure to Properly Assess Breach Risk Results in $2.175 Million Fine to Affiliated Covered Entity

[12/03/19]

Posted on December 3, 2019 in Health Information Technology

Published by: Hall Render

On November 27, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that an Affiliated Covered Entity made up of 10 hospital covered entities (“ACE Organization”) will pay a penalty of $2.175 million and enter into a two-year Corrective Action Plan (“CAP”) to settle potential violations of the Health... READ MORE

Tags: , , , , , ,

Deficient Risk Analyses, Stolen Records and Disclosure of NFL Player’s PHI Leads to $2.15 Million Penalty

[10/25/19]

Posted on October 25, 2019 in Health Information Technology

Published by: Hall Render

On October 23, 2019, the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced a civil monetary penalty (“CMP”) of $2,154,000 against a nonprofit academic health system (“Health System”) for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The Notice of Proposed Determination and the Notice of... READ MORE

Tags: , , , , ,

Don’t Forget! HIPAA Breaches Affecting Fewer Than 500 Must Be Reported to OCR by March 1, 2017

[02/21/17]

Posted on February 21, 2017 in Health Law News

Published by: Hall Render

Under the Breach Notification Rule, HIPAA covered entities are required to submit reports of certain breaches of unsecured protected health information (“PHI”) affecting fewer than 500 individuals to the Office for Civil Rights (“OCR”) on an annual basis. Covered entities must submit their breaches electronically through OCR’s breach notification web page, which can be... READ MORE

Tags: , , , ,