First HIPAA enforcement action for lack of timely breach notification settles for $475,000

The U.S. Department of Health and Human Services, Office for Civil Rights (OCR), has announced the first HIPAA settlement based on the untimely reporting of a breach of unsecured protected health information.  Presence Health has agreed to settle potential violations of the HIPAA Breach Notification Rule by paying $475,000 and agreeing to implement a corrective action plan.

Content created by Office for Civil Rights (OCR)
Content last reviewed