HHS OCR
-
MMG Fusion resolves alleged HIPAA violations with HHS
An OCR investigation revealed that an unnamed actor infiltrated the cloud-based solutions provider’s network and posted the PHI of 15 million dental patients on the dark web.
-
HHS rolls out ‘whole of department’ AI strategy and compliance plans
The agency is hailing its strategy as the fulfillment of its commitment to enhance efficiency – but will it make personal health information any safer?
-
Coalition of providers and insurers call on HHS to strike proposed cybersecurity demands
A letter from 100 industry orgs told HHS that healthcare providers would face an “extreme and unnecessary regulatory burden” under the proposals.
-
HHS secures $175,000 HIPAA settlement over phishing ransomware breach
The case underscores HHS’s growing focus on business associates and the Risk Analysis Enforcement Initiative.
-
HHS FAQs clarify health information disclosure rules
New detail confirms that patient information under HIPAA can be shared by health providers and also reaffirms broad data access rights by patients.
-
HHS settles with Comstar over cyber risk analysis failures
An investigation found that lapses in risk assessment contributed to a massive ransomware breach at the ambulance billing service.
-
HHS settles HIPAA Security Rule investigation with Health Fitness Corp
Thousands of customers affected by breach that led to personal health information becoming discoverable online.
-
HHS investigates med schools and hospitals under EO banning DEI programs
Move explained as a response to “allegations and information” received by the Office of Civil Rights.