
OCR Settlement Proves Quick Breach Response Can Protect Your Business

Sep 26, 2022

If you’re a Covered Entity or someone who is affected by HIPAA laws and regulations, you know as well as anyone that a data breach can have serious repercussions on your organization. From client trust and financial consequences to legal ramifications, a breach of data is no laughing matter. To illustrate the importance of a quick breach response, let’s get into some details about a recent case from a medical center in Oklahoma, and what it has to do with you.

The Office for Civil Rights (OCR) and the U.S. Department of Health and Human Services (HHS) have recently taken action against a medical center in Oklahoma because they violated HIPAA’s privacy, security, and breach notification rules. What was the consequence? $875,000 in fines. 

This was due to a breach in their web server that contained PHI that dated back to March 2016. This breach leaked information belonging to more than 275,000 people, including their names, dates of service, addresses, and treatment info. The medical center reported the breach in January of 2018, stating that it occurred in November 2017, when it had in fact occurred about a year before that. As justification, the medical center stated that they were unaware of the breach that occurred in 2016: they weren’t aware that their server contained PHI, and didn’t know where their PHI was stored.

OCR investigated further and found that the medical center did not meet the required standards for the protection of PHI, ultimately leading to the breach. Not only is this medical center still paying for this incident, they now have to undergo a corrective action plan (CAP), closely monitored by OCR for two years.

So, what does this mean for Covered Entities? Well, this is just one of many real-life examples proving just how important it is to have a robust HIPAA compliance plan. It’s crucial to know where your PHI is stored and how it’s being protected, so that you can safeguard your relationships with clients and your business against unfortunate circumstances such as this one.

This is just one of many examples of why HIPAA policies and procedures are crucial. By having a set of detailed plans for device usage, quick breach response, and security protocols already established, you allow yourself to take swift and effective action if a breach occurs. If these are not already in place, you run the major risk of meeting the incident unprepared, endangering valuable PHI, compromising trust with clients, and putting your organization in a financially vulnerable position. 

A structured plan puts your organization’s future in a much more stable and reliable position while giving you the peace of mind that you have done everything in your power to protect your organization and your PHI from data breaches.

If you’re not sure where to start, we can help. Want to know more about how you can become HIPAA compliant?

Email us at info@totalhipaa.com to learn more about how we can help your organization become (and stay!) HIPAA compliant. Or, get started here.
