Medical Informatics Engineering, Inc. (MIE), a software and electronic medical records service provider has paid the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services $100,000 to settle a HIPAA breach from 2015. The Indiana-based company reported the data breach to OCR on July 23, 2015, following the discovery that...
The Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) has announced a settlement with Touchstone Medical Imaging (“Touchstone”) for their potential violations of HIPAA Security and Breach Notification Rules. Touchstone has agreed to pay $3,000,000 and adopt a corrective action plan. Touchstone is a diagnostic medical imaging services company based in...
On September 20, the Department of Health and Human Services’ Office for Civil Rights announced a fine of $999,000 for three Boston hospitals, all of which violated HIPAA while allowing ABC’s TV series “Boston Med” to film the show in their facilities. Boston Medical Center (BMC), Brigham and Women’s Hospital (BWH), and Massachusetts General Hospital...
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is planning to issue an advance notice of proposed rulemaking this November that could be a major game changer for HIPAA breach settlements. According to the Data Protection Report, the OCR plans to get the public’s input on a policy change...
Malicious cyberattacks are increasing every day around the globe. In fact, cyber-incidents nearly doubled from 82,000 incidents in 2016, to 159,700 in 2017. While the media often depicts large corporations as the primary target for cyberattacks, small business are just as likely – if not more likely to be targeted. An article on CSO looks...
This article was written by Matt Fisher and originally appeared on the Mirick O’Connell Health Law Blog. It is published here with permission. At some point in time most group practices, hospitals or other provider organizations will receive a letter from the Office for Civil Rights (“OCR”). The letter will state that OCR received a...
It is no secret that despite increased awareness of data breaches around the globe, businesses continue to fall victim to cybercriminals exploiting their weak security measures. An article on Small Business Computing explores data breaches and how the size of the business doesn’t matter to criminals seeking confidential information. Large corporations are often thought to...
It is no secret that healthcare organizations underfund their defense efforts when it comes to protecting patient data. Even though personal health information is very valuable to cybercriminals and can even generate more revenue on the black market than financial information, healthcare organizations continue to take a lax approach in their cybersecurity practices. Last week...
The Center for Children’s Digestive Health (CCDH) a small, for-profit practice has agreed to implement a corrective action plan for their potential violations of the Health Insurance Portability Accountability Act of 1996 (HIPAA) Privacy Rule. According to the U.S. Department of Health and Human Services (HHS), the settlement includes a hefty payment of $31,000 for...
Preparing for a HIPAA audit is vital for healthcare organizations. Sure, these organizations understand that they may face a HIPAA audit, but often let preparation for such an event fall to the bottom of their priority list. It is important to ensure your organization is prepared prior to receiving notification of a forthcoming audit. An...
© 2025 · HIPAA Secure Now!
Recent Comments