Top 5 HIPAA compliance issues and who commits them

Every hour of every day an average of two HIPAA complaints come into the Department of Health and Human Services’ Office for Civil Rights (OCR). Let us help you stay in compliance and stay off the OCR’s complaint list.
OCR proposes big changes to HIPAA Privacy Rule

This week, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released proposed changes to the HIPAA Privacy Rule that would “break down barriers that have stood in the way of commonsense care coordination and value-based arrangements for far too long,” according HHS Secretary Alex Azar.
Alert: Postcard Disguised as Official OCR Communication is in the Mail

Though the postage is marked first class, the mailer’s intent is not. In fact, it is another low-class act by scammers. The United States Office for Civil Rights (OCR) released a statement on August 6 about postcards that are being sent to health care organizations disguised as official OCR communications, claiming to be notices of a mandatory HIPAA compliance risk assessment.
OCR Ensures Patients Can Receive Religious Visitations During COVID-19 in a Maryland Health System

Tuesday the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services (HHS) announced the resolution of a religious discrimination complaint against Prince George’s Hospital Center of the University of Maryland Medical System (UMMS) after UMMS adopted new policies ensuring clergy access to patients for religious purposes during the COVID-19 pandemic.
OCR warns there is an individual posing as OCR Investigator

On April 3, the Office for Civil Rights (OCR) issued an alert that an individual posing as an OCR Investigator has contacted HIPAA covered entities in an attempt to obtain protected health information (PHI).
Important notice regarding individuals’ right of access to health records

The Department of Health and Human Services’ Office for Civil Rights has released an announcement that certain legislative changes regarding individuals’ right of access to health records have been reversed.
Do you understand what PHI is?

An apparent lack of understanding of what defines Protected Health Information (PHI) has cost one hospital system $2.175 million in fines to the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services (HHS).
HHS reduces maximum civil penalties for HIPAA violations

The HHS published a Notification of Enforcement Discretion Regarding HIPAA Civil Money Penalties that changes the interpretation of fines for violations defined under the HITECH Act, effectively reducing some of the annual limits.
PrivaPlan advises rural health care staff to train, train and retrain

Train, train and retrain is at the top of PrivaPlan’s list of practical solutions for being HIPAA compliant.
Judge rules in favor of OCR, orders cancer center to pay $4.3 for HIPAA violations
A HHS Administrative Law Judge has ruled that MD Anderson violated HIPAA and is requiring the Texas cancer center to pay $4.3 million in penalties to the OCR.