Tag Archives: HIPAA Enforcement

Dentists Continue to be a HIPAA Enforcement Target and Right of Access Remains the Focus

Today, the Department of Health and Human Services’ Office for Civil Rights (OCR) announced three more HIPAA Right of Access enforcement resolutions – all against dentists.  And the story is largely the same:  patients requested records and did not timely or properly receive those records.  In one instance, the dental practice significantly overcharged for records. […]

OCR Awoke from its HIPAA Enforcement Slumber Last Week

If you asked me Friday morning of last week to give you my impression of HIPAA enforcement so far in 2022, I would have said “slow.”  Up to that point, OCR had announced only four enforcement actions and all on the same day in March (see Three Dentists and a Psychiatrist Walk into a Bar:  […]

Three Dentists and a Psychiatrist Walk into a Bar: Four HIPAA Enforcement Actions that are No Joke

Three dentists and a psychiatrist walk into a bar . . . and they each walk out with a five-figure tab for HIPAA compliance failures.  It’s not funny, but the five-figure payment part is true and there’s a lot to be learned from their mistakes. The Department of Health and Human Services’ Office for Civil […]

A Year in Review: HIPAA Enforcement Action Resolutions in 2021

Here it is!  My annual summary of HIPAA enforcement action resolutions.  I know you all have been eagerly awaiting its arrival.  No plot twists or surprises this year – the enforcement themes are much the same as those in 2020.  As I explain below, Right of Access was again the star. 

OCR Announces Five More HIPAA Right of Access Resolutions

Yesterday, the Department of Health and Human Services’ Office for Civil Rights announced the resolution of five more HIPAA Right of Access claims. That brings the total number of Right of Access resolutions this year to 12 (including a civil monetary penalty), edging out last year’s total of 11. As for settlement and penalty amounts, the Right of Access total for 2021 has surpassed 2020 by more than $300,000.

Telehealth, Privacy, and the Three Little Pigs: A Year and a Half Later

In my July 23, 2020 blog post, I used the familiar characters in the beloved fable The Three Little Pigs to illustrate the importance of building a secure and compliant telehealth delivery system. I explained that, despite the Office for Civil Rights’ (OCR) announcement of enforcement discretion during the public health emergency (PHE), healthcare providers should establish HIPAA-compliant telehealth delivery systems before enforcement discretion ended. Because the PHE may soon be over, that message bears repeating.

And the HIPAA Right of Access Enforcement Saga Continues…

OCR continues with vigorous enforcement of HIPAA’s Right of Access rules in 2021. In the first three months of the year, OCR announced five Right of Access settlements. The story is nearly identical in each – a patient requests records and a provider fails to timely provide access. Compliance with the Right of Access rules is relatively simple and one of the best ways to avoid unwanted attention from OCR.

HIPAA Enforcement in 2020: A Focus on Right of Access and Lessons Learned

Despite the pandemic, HIPAA enforcement was hot in 2020. There were nearly twice as many enforcement action resolutions last year than in each of the previous three years. The DHHS’ Office for Civil Rights (OCR), which enforces HIPAA, announced a total of 19 resolutions in 2020. The 2020 resolutions offer different lessons from previous enforcement years, as the most common issue for enforcement in 2020 is relatively new: the Right of Access under the HIPAA Privacy Rule.

OCR Kicks off its 2021 HIPAA Enforcement Year with Another Right of Access Settlement

OCR announced its first HIPAA enforcement resolution of 2021. Picking up where it left off in 2020, this settlement involves Right of Access claims and results in a large non-profit health system with several affiliated covered entities agreeing to pay $200,000 to settle claims related to two of its affiliated entities.

Ten HIPAA Right of Access Settlements in Just Two Months

On November 19, 2020, the Office for Civil Rights (OCR) announced its 10th HIPAA Right of Access settlement of the year. OCR publicized its first five Right of Access settlements this year just over two months ago. It added two more in October and then three in November. And with a full month left in 2020, there may be more to come.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.