top of page
Search

OCR Delivers Annual Reports to Congress

Our Department of Health and Human Services (DoHHS) spent Valentines Day issuing two annual reports to Congress; HIPAA Privacy, Security, and Breach Notification Rule Compliance and Breaches of Unsecured Protected Health Information.


The first Office of Civil Rights (OCR) report has some statistics worth sharing:

  • OCR received 30,435 new complaints alleging violations of the HIPAA Rules

  • OCR resolved 32,250 complaints alleging violations of the HIPAA Rules

  • OCR resolved 17 complaint investigations with Resolution Agreements and Corrective Action Plans (RA/CAPs) and monetary settlements totaling $802,500, and one complaint investigation with a civil money penalty in the amount of $100,000

  • OCR completed 846 compliance reviews and required subject entities to take corrective action or pay a civil money penalty in 80% (674) of these investigations. Three compliance reviews were resolved with RA/CAPs and monetary payments totaling $2,425,640.


We know that 17 RA/CAPs doesn't seem like a lot, but it is a healthy uptick from some previous years' activity. As you can read, DoHHS/OCR is very busy managing HIPAA-based complaints.


The second report highlighted what we already know, specifically that "hacking/IT incidents" remain the largest category of breaches occurring in 2022 affecting 500 or more individuals.


The graphic below links to OCR's 2022 reports.

Stay (HIPAA) safe,

Alan -



6 views0 comments

Comments


bottom of page