Category: HIPAA

HHS Office for Civil Rights Settles 9th Ransomware Investigation with Virtual Private Network Solutions

Posted on by Dissent

HHS OCR announced another settlement that is their ninth ransomware investigation and their third settlement as part of their Risk Analysis Initiative. This one stems from a breach by VPN Solutions that was previously reported on this site: Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a…

Read more

HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information

Posted on by Dissent

Note: In 2019, when USR Holdings disclosed this breach to affected patients, they did not mention that ePHI had been deleted. So in 2025, we are first learning of this part of the breach?  The following is HHS OCR’s press release today.  Settlement resolves multiple Security Rule failures Today, the U.S. Department of Health and…

Read more

HHS Office for Civil Rights Settles 8th Ransomware Investigation with Elgon Information Systems

Posted on by Dissent

Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced an $80,000 settlement with Elgon Information Systems (Elgon), a Massachusetts company that provides electronic medical record and billing support services to covered entities, under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. OCR enforces the HIPAA Privacy,…

Read more

White House Clears HIPAA Security Rule Update

Posted on by Dissent

Chris Riotta reports: The U.S. Department of Health and Human Services is ramping up digital efforts to protect Americans in a year that’s witnessed hackers targeting sensitive patient data and major breaches at Ascension and UnitedHealth. HHS is set to unveil a notice of proposed rulemaking requiring healthcare companies to encrypt data, conduct routine compliance…

Read more