Pulse February 21, 2025
Matt Fisher

The Office for Civil Rights announced another cyber incident driven HIPAA civil monetary penalty on February 20, 2025. The settlement broke a one month lull in HIPAA enforcement announcements, though looking at the dates in the documents (all go back to the last quarter or so of 2024), it may not necessarily be an indication that enforcement of HIPAA remains an ongoing immediate priority. One side note before getting into an assessment of the settlement, if a reader subscribes to OCR’s Privacy List and/or Security List, the links to the penalty announcement, Notice of Proposed Determination, and Notice of Final Determination are not accurate (unless the messages get updated). A quick internet search will pull the correct links.

The Details

...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Govt Agencies, HIPAA, Provider
Related Articles:
OCR Kicks Off 2026 with Reminders about "System Hardening" for HIPAA Covered Entities
Providers Evaluate Security as Updated HIPAA Compliance Looms
Updates to HIPAA Notice of Privacy Practices Required by February 16, 2026
How Healthcare Organizations Can Navigate Security Changes Linked to HIPAA Updates
Preparing for the HIPAA Security Rule Update

Share Article