Physicians Practice November 9, 2023
Rachel V. Rose, JD, MBA

These notices from HHS illuminate the agency’s thinking on HIPAA.

Both the U.S. Department of Health and Human Services Office for Civil Rights (OCR) and Office of the Inspector General (OIG) announced noteworthy items that healthcare industry participants should review.

First, on Oct. 31, OCR announced a settlement under HIPAA related to a ransomware attack, which impacted nearly 206,000 individuals. Doctors’ Management Services (DMS) agreed to pay $100,000 or approximately fifty cents ($0.50) per individual affected to settle the breach. Initially, the ransomware attack occurred in April 2017; however, DMS did not even detect the breach until nearly 20 months later in December 2018. OCR began its investigation in 2019.

None of the vulnerabilities that were exploited should be surprising,...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HHS, HIPAA, OIG, Privacy / Security, Provider
Related Articles:
HHS Task Force Launches Roadmap for Improving Maternal Mental Health
The Biden Administration’s Final Rule on Section 1557 Non-Discrimination Regulations Under the ACA
Senators take a step toward AI oversight
Senate AI Group Recommends $32 Billion in Spending
It’s Not Just About Dobbs: HHS Issues Final Rule on Reproductive Health

Share This Article