Looking for a Business Associate Agreement? Download our FREE starter template.
Total HIPAA Logo

OCR Settlement Proves Quick Breach Response Can Protect Your Business

If you’re a Covered Entity or someone who is affected by HIPAA laws and regulations, you know as well as anyone that a data breach can have serious repercussions on your organization. From client trust and financial consequences to legal ramifications, a breach of data is no laughing matter. To illustrate the importance of a quick breach response, let’s get into some details about a recent case from a medical center in Oklahoma, and what it has to do with you.

The Office for Civil Rights (OCR) and the U.S. Department of Health and Human Services (HHS) have recently taken action against a medical center in Oklahoma because they violated HIPAA’s privacy, security, and breach notification rules. What was the consequence? $875,000 in fines. 

This was due to a breach in their web server that contained PHI that dated back to March 2016. This breach leaked information belonging to more than 275,000 people, including their names, dates of service, addresses, and treatment info. The medical center reported the breach in January of 2018, stating that it occurred in November 2017, when it was about a year before that. As justification, the medical center stated that they were unaware of the breach that occurred in 2016. They weren’t aware that their server contained PHI, and didn’t know where their PHI was stored. 

OCR investigated further and found that the medical center did not meet the required standards for the protection of PHI, ultimately leading to the breach. Not only is this medical center still paying for this incident, they now have to undergo a corrective action plan (CAP), closely monitored by OCR for two years.

So, what does this mean for Covered Entities? Well, this is just one of many real-life examples proving just how important it is to have a robust HIPAA compliance plan. It’s crucial to know where your PHI is stored and how it’s being protected to protect your relationships with clients and your business against unfortunate circumstances, such as this one. 

This is just one of many examples of why HIPAA policies and procedures are crucial. By having a set of detailed plans for device usage, quick breach response, and security protocols already established, you allow yourself to take swift and effective action if a breach occurs. If these are not already in place, you run the major risk of meeting the incident unprepared, endangering valuable PHI, compromising trust with clients, and putting your organization in a financially vulnerable position. 

A structured plan puts your organization’s future in a much more stable and reliable position while giving you the peace of mind that you have done everything in your power to protect your organization and your PHI from data breaches.

If you’re not sure where to start, we can help. Want to know more about how you can become HIPAA compliant?

Email us at info@totalhipaa.com to learn more about how we can help your organization become (and stay!) HIPAA compliant. Or, get started here.

  1. Recent OCR Settlement Proves Swift Action Can Protect PHI and Your Bottom Line
  2. Repercussions of a Security Breach

Our HIPAA compliance services help ensure that your business follows the basic HIPAA rules and guidelines to protect sensitive patient information. Our team of experts is dedicated to providing affordable rates and personalized solutions to help you become HIPAA compliant. We understand that navigating the complex requirements of HIPAA can be challenging, which is why we offer a comprehensive range of services to meet your unique needs. From risk assessments to employee training, we have the tools and expertise necessary to help your business achieve and maintain HIPAA compliance. Contact us today to learn more about how we can help you protect your patients, your employees, and your business.

Sharing is caring!


Looking for a Business Associate Agreement?

Download our free template to get started on your path toward HIPAA compliance.

Download Now

Let's keep in touch

Stay up to date on the latest HIPAA news, plus receive tons of free tools and info.

Navigating HIPAA Compliance in 2023

Watch the recording of this webinar to learn more about how you can become and stay HIPAA compliant!


Related Posts

What is Access Control in terms of HIPAA?

What is Access Control in terms of HIPAA?

Access control, in terms of cybersecurity, refers to the practice of managing and regulating who can access specific resources, systems, or data within an organization's network or information...

Comparing HIPAA and NIST

Comparing HIPAA and NIST

In the ever-evolving landscape of data security and privacy, two key frameworks have emerged as significant players: HIPAA and NIST. Both emphasize the importance of safeguarding sensitive...

Save & Share Cart
Your Shopping Cart will be saved and you'll be given a link. You, or anyone with the link, can use it to retrieve your Cart at any time.
Back Save & Share Cart
Your Shopping Cart will be saved with Product pictures and information, and Cart Totals. Then send it to yourself, or a friend, with a link to retrieve it at any time.
Your cart email sent successfully :)