Healthcare DIVE November 7, 2024
The settlements mark the sixth and seventh healthcare ransomware enforcement actions from regulators.
Dive Brief:
- The HHS’ Office for Civil Rights has settled two investigations into HIPAA violations following ransomware attacks on providers.
- Plastic Surgery Associates of South Dakota will pay $500,000 to OCR after the agency found “multiple potential violations” of the health privacy and security rule in the wake of a 2017 ransomware incident that affected more than 10,000 people, according to a press release last week.
- OCR also found Oklahoma-based Bryan County Ambulance Authority failed to conduct a risk analysis during an investigation into an attack reported in 2022 that compromised data from more than 14,000 patients. The emergency services provider will pay a $90,000 fine. ...