Pulse February 23, 2024
Matt Fisher

On February 22, 2024, the HHS Office for Civil Rights announced its second settlement of alleged HIPAA violations stemming from a ransomware attack. The settlement marked the second such action announced in 2024, which hints at more to come. The expectation of more settlements would certainly match the approach that has been taken with problems surrounding the individual right of access.

Latest Ransomware Settlement

The announced settlement was with Green Ridge Behavioral Health (“Green Ridge”) stemming from a required breach notification. Getting into the specifics, Green Ridge reported breach impacting records of over 14,000 patients on February 11, 2019. OCR launched its investigation on December 12, 2019. That is where the problems started to cascade.

In the resolution agreement, OCR...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology
Related Articles:
Opinion: STAT readers respond to First Opinion essays on site-neutral payments, free medical school tuition, and more
MGMA seeks clarity on breach notification burden in wake of Change cyberattack
Podcast: How the ACA Market Has Matured w/ Sabrina Corlette and Jason Levitis
Biden administration punts menthol cigarette rule indefinitely
MGMA seeks clarity on responsibility for breach notifications following Change Healthcare attack

Share This Article