IFD4

HIPAA Compliance After the First Health Center Settlement

Date
October 27, 2017
Explore related products in the following collection:
7E8D3D28-4DF2-E311-B196-0025B3A62EEE

In April 2017, the Office for Civil Rights (OCR) announced a $400,000 HIPAA settlement with a federally qualified health center. Although the health center responded appropriately to an email phishing incident affecting over 3,000 patient records, OCR found that the health center failed to complete the required risk assessment process and it failed to implement any corresponding risk management plans to address the risks and vulnerabilities identified in a risk analysis. With each settlement announced, OCR is sending a message to similar health care entities and this time the message was clearly directed at health centers. In this session, we'll review the health system settlement and several other recent settlements to identify enforcement trends, settlement trends, and lessons learned.

Speakers

Speaker Image for Andy Gulati
Manager, Health Information Technology Training, NACHC
Speaker Image for Dianne Pledgie
Partner and Compliance Counsel, Feldesman Leifer

Related Products

Thumbnail for Corporate Compliance: Integrating Leadership and Management
Corporate Compliance: Integrating Leadership and Management
requirements cannot rest on the health center’s Compliance Officer alone. Instead, compliance should be viewed similarly to other organization-wide initiatives that require both leadership and management to be successful…
Thumbnail for Corporate Compliance: Integrating Leadership and Management
Corporate Compliance: Integrating Leadership and Management
Maintaining compliance with applicable legal requirements cannot rest on the health center's Compliance Officer alone. Instead, compliance should be viewed similarly to other organization-wide initiatives that require both leadership and management to be successful…
Thumbnail for Legal Updates on Patient Confidentiality Rules
Legal Updates on Patient Confidentiality Rules
This session will update health centers in detail on HIPAA and 42 CFR Part 2, which govern patient privacy rules. The implications of proposed new regulations will be discussed…
Thumbnail for Corporate Compliance: Integrating Leadership and Management
Corporate Compliance: Integrating Leadership and Management
Maintaining compliance with applicable legal requirements cannot rest on the health center’s Compliance Officer alone. Instead, compliance should be viewed similarly to other organization-wide initiatives that require both leadership and management to be successful…

Copyright © 2025 National Association of Community Health Centers
Powered by Conexiant DXP

Privacy Policy Update: We value your privacy and want you to understand how your information is being used. To make sure you have current and accurate information about this sites privacy practices please visit the privacy center by clicking here.