Webinar: Lessons and Examples from 2019’s HIPAA Breaches and Fines

2019 was another record-breaking year for healthcare industry data breaches. A new record was set in 2018 with 371 healthcare data breaches of 500 or more records reported to the Department of Health and Human Services’ Office for Civil Rights. That record was truly smashed in 2019 with an astonishing 492 breaches of 500 or more records reported.

2019 was a busy year for the HHS’ Office for Civil Rights. In 2019, OCR levied more than $15 million in fines to resolve violations of the HIPAA Privacy Rule, HIPAA Security Rule, and HIPAA Breach Notification Rule.

The fines were issued for a variety of compliance failures, including the failure to conduct a comprehensive, organization-wide risk analysis, failures to enter into business associate agreements with vendors, access control failures, disclosure of PHI on social media, breach notification delays and the failure to comply with the HIPAA Right of Access.

The reasons for the financial penalties may have been varied, but there was one common denominator. The financial penalties could have easily been avoided. It may not be possible to prevent all data breaches, but it is possible to avoid OCR financial penalties.

On February 19, 2020, HIPAA Journal sponsor, Compliancy Group, will be reviewing the 2019 healthcare data breaches and the financial penalties that OCR imposed on healthcare organizations and business associates of HIPAA-covered entities.

In the webinar, Compliancy Group will explain how financial penalties and the associated negative publicity can easily be avoided by implementing a simple compliance plan.

Don’t miss out on this opportunity as Compliancy Group’s HIPAA compliance experts will be giving actionable tips that you can apply to start protecting your business immediately!

Webinar Details:

Date: February 19, 2020

Time: 2PM ET / 11AM PT

Author: Steve Alder has many years of experience as a journalist, and comes from a background in market research. He is a specialist on legal and regulatory affairs, and has several years of experience writing about HIPAA. Steve holds a B.Sc. from the University of Liverpool.