Blogs Home
Wednesday, August 30, 2017 12:00 PM

New Lessons on Patient Privacy Breaches and OCR HIPAA Settlements

Written by Karen Pursch, Director, Patient Privacy Solutions

When I came across this article on "5 Lessons Learned in OCR HIPAA Settlements" I knew I wanted to share it with you. It reports on the outcome of the past two years of OCR HIPAA settlements and shows how likely it is for healthcare organizations to experience a breach at some point in time. As you will read, when healthcare organizations had a breach that caught them by surprise, they experienced significant reporting efforts and costly fines.

Here are the highlights of what you and your business associates should do in light of these reports:

  • Review your approaches to HIPAA compliance and ensure employees at all levels are properly and regularly trained
  • Revisit business associate agreements, audit controls, risk management, and the data breach notification process to ensure they truly protect patient privacy
  • Ensure essential technical, administrative, and physical safeguards are updated to account for electronic PHI (ePHI) in addition to paper formats

You can read the stories behind these lessons now. Then click here to register and join us on Tuesday, September 19, 2017 at 3:00 p.m. ET for direct insight from a key HIPAA officer — Iliana L. Peters, J.D., LL.M. Ms. Peters is the senior advisor for HIPAA Compliance and Enforcement at the HHS Office for Civil Rights and is the national lead for OCR enforcement of the HIPAA rules.

Her presentation, hosted by, will focus on identifying the best practices to uncover patient privacy risks and vulnerabilities in your healthcare organization. You'll learn how to determine where you can use technology to assist in and encourage consistent compliance, plus how to manage the risk when vendors have access to your patient data.

Please register now. I know you'll find the information she presents very valuable.