Physicians Practice November 9, 2023
Rachel V. Rose, JD, MBA

These notices from HHS illuminate the agency’s thinking on HIPAA.

Both the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Office of the Inspector General (OIG) announced noteworthy items that healthcare industry participants should review.

First, on Oct. 31, OCR announced a settlement under HIPAA related to a ransomware attack, which impacted nearly 206,000 individuals. Doctors’ Management Services (DMS) agreed to pay $100,000 or approximately fifty cents ($0.50) per individual affected to settle the breach. Initially, the ransomware attack occurred in April 2017; however, DMS did not even detect the breach until nearly 20 months later in December 2018. OCR began its investigation in 2019.

None of the vulnerabilities that were exploited should be surprising,...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, OIG, Privacy / Security, Provider
Related Articles:
5 Key Health Care Moments During President Trump's First Month Back in Office
Trump and primary care: Best ways to Make America Health Again
HHS job cuts mount: 5 notes
President Trump Establishes Make America Healthy Again Commission: Implications for Life Science, Journal Publications and Continuing Healthcare Education
Opinion: HHS’ national health security division must be preserved

Share This Article