Make Enhanced HIPAA Compliance a New Year’s Resolution
January 31, 2023
The Department of Health & Human Services, Office for Civil Rights (OCR) has published its “Enforcement Highlights” as of the end of the calendar year 2022. Since the 2003 Privacy Rule compliance date, the OCR has received more than 317,079 HIPAA complaints and has initiated over 1,149 compliance reviews. Resolution of complaints for which the OCR makes a negative finding may result in the provision of technical assistance by the OCR (for minor infractions) or may result in a settlement agreement under which the violating entity agrees to a monetary fine, a corrective action plan, and monitoring for a period of time. As of December 31, 2022, the OCR settled or imposed civil money penalties exceeding $133 million over a total of 129 cases.