The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently announced that it had entered into a Resolution Agreement, Corrective Action Plan, and settlement with Lifetime Healthcare, Inc., the parent of Excellus Health Plan, over alleged violations of HIPAA relating to a data breach that occurred from December 23, 2013 through
OCR
OCR Settles Another Right-of-Access Initiative Case
The Office for Civil Rights (OCR) issued a press release on November 12, 2020, announcing that it had settled its eleventh enforcement action in its HIPAA Right-of-Access Initiative. The settlement with Dr. Rajendra Bhayani, an otolaryngologist (ENT) practicing in Regal Park, New York, included a payment of $15,000, a corrective action plan and two years…
OCR’s Tenth Right to Access Settlement Is Small but Meaningful
The Office for Civil Rights (OCR) recently settled a tenth case under its right-to-access initiative with California-based Riverside Psychiatric Medical Group (RPMG), for $25,000.
Although a relatively small settlement in the amount paid, it shows that the OCR is taking patients’ requests for access to their medical records seriously, and that no complaint is too…
OCR Settles with NY Spine for Failure to Provide Access to Records
Continuing its enforcement priority of assisting patients with obtaining access to their health records, the Office for Civil Rights (OCR) recently settled its ninth case with a covered entity that it alleged failed to provide proper access of health records to a patient.
NY Spine Medicine, a medical practice providing neurological and pain management series…
Dignity Health Settles with OCR for $160,000 for Failing to Provide Access to Records
Continuing with its previous enforcement actions centered on covered entities’ failure to provide patients with access to their health records, the Office for Civil Rights (OCR) announced on October 9, 2020 that it entered into a settlement with Dignity Health, doing business as St. Joseph’s Hospital and Medical Center in Phoenix (St. Joseph’s) for $160,000…
Data Breach Regulatory Settlements Update
Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health.
Continue Reading Data Breach Regulatory Settlements Update
Premera Blue Cross Settles with OCR for $6.85 Million for Breach of 10.4 Million Records
Premera Blue Cross (Premera) has agreed to settle with the Office for Civil Rights (OCR) for $6.85 million over allegations of violations of HIPAA after an investigation of a data breach that occurred in 2014 affecting 10.4 million individuals. This is the largest settlement the OCR has entered into with a covered entity in 2020,…
Athens Orthopedic Settles with OCR for $1.5M for Data Breach
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an investigation of a data breach that occurred in 2016.
The data breach compromised the protected health information of 208,557 individuals when…
HIPAA Business Associate Pays $2.3 Million Settlement After Hackers Target PHI of Over 6 Million Individuals
Health care providers and contractors continue to be a popular target for hackers. Recently, CHSPSC LLC (CHSPSC), which provides various services to hospitals and clinics indirectly owned by Community Health Systems, Inc. of Tennessee, agreed to pay $2,300,000 to the Office for Civil Rights (OCR) in settlement of potential violations of HIPAA’s Privacy and Security…
OCR Settles Five Investigations Under “Right of Access” Initiative
The Office for Civil Rights (OCR) announced yesterday that it has settled five investigations in its HIPAA “Rights to Access” Initiative (Initiative), which OCR had stated would be an enforcement priority for it starting in 2019. The Initiative is “to support individuals’ right to timely access to their health records at a reasonable cost under…