Physicians Practice November 9, 2023
These notices from HHS illuminate the agency’s thinking on HIPAA.
Both the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Office of the Inspector General (OIG) announced noteworthy items that healthcare industry participants should review.
First, on Oct. 31, OCR announced a settlement under HIPAA related to a ransomware attack that impacted nearly 206,000 individuals. Doctors’ Management Services (DMS) agreed to pay $100,000, or approximately fifty cents ($0.50) per individual affected, to settle the breach. The ransomware attack initially occurred in April 2017; however, DMS did not even detect the breach until nearly 20 months later, in December 2018. OCR began its investigation in 2019.
None of the vulnerabilities that were exploited should be surprising,...