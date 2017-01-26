The HHS’ Office for Civil Rights (OCR) is responsible for enforcing HIPAA regulations, and it is becoming increasingly determined in its efforts. Violations in 2016 averaged at least one per day for the year resulting in a record number of HIPAA settlements. Audits are becoming more frequent, causing health care providers and covered entities to take new measures to ensure the security of PHI and sensitive data. In the event of a security breach, hospitals and healthcare organizations can be liable for multi-million dollar fines and potential criminal charges.

Here are six recent HIPAA violations from 2016 and thus far in 2017.

1. Lincare Inc.Lincare Inc., the home health provider, had to pay a settlement of $239,800 to the OCR in February of 2016 after the PHI of 278 patients was disclosed. The OCR alleged a general manager in Lincare left the files of patients containing PHI in her former residence after she separated from her spouse and moved out. The OCR discovered Lincare had policies in place that allowed employees to keep files containing PHI in their homes and vehicles, violating HIPAA. Lincare was one of only two organization who were required to pay a civil monetary penalty for a violation of HIPAA, all other organizations who settled in 2016 opted to do so voluntarily.

