Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

  • About HHS
  • MAHA in Action
  • Programs & Services
  • Grants & Contracts
  • Laws & Regulations
  • Radical Transparency
  • HIPAA for Individuals
  • Filing a Complaint
  • HIPAA for Professionals
  • Newsroom
Breadcrumb
  1. HHS
  2. HIPAA Home
  3. For Professionals
  4. HIPAA Compliance and Enforcement
  5. Case Examples
  6. Case Examples Organized by Covered Entity
  • HIPAA for Professionals
  • Regulatory Initiatives
  • Privacy
    • Summary of the Privacy Rule
    • Guidance
    • Combined Text of All Rules
    • HIPAA Related Links
  • Security
    • Security Rule NPRM
    • Summary of the Security Rule
    • Security Guidance
    • Cyber Security Guidance
  • Breach Notification
    • Breach Reporting
    • Guidance
    • Reports to Congress
    • Regulation History
  • Compliance & Enforcement
    • Enforcement Rule
    • Enforcement Process
    • Enforcement Data
    • Resolution Agreements
    • Case Examples
    • Audit
    • Reports to Congress
    • State Attorneys General
  • Special Topics
    • HIPAA and Part 2
    • Change Healthcare Cybersecurity Incident FAQs
    • HIPAA and COVID-19
    • HIPAA and Reproductive Health
      • HIPAA and Final Rule Notice
    • HIPAA and Telehealth
    • HIPAA and FERPA
    • Research
    • Public Health
    • Emergency Response
    • Health Information Technology
    • Health Apps
  • Patient Safety
  • Covered Entities & Business Associates
    • Business Associate Contracts
    • Business Associates
  • Training & Resources
  • FAQs for Professionals
  • Other Administrative Simplification Rules

Case Examples Organized by Covered Entity

Topics on this page:

  • General Hospitals
  • Health Care Providers
  • Health Plans / HMOs
  • Outpatient Facilities
  • Pharmacies
  • Private Practices
  • Mental Health Centers

General Hospitals

  • Hospital Implements New Policies for Telephone Messages

  • Hospital Issues Guidelines Regarding Disclosures to Avert Threats to Health or Safety

  • Large Provider Revises Process to Prevent Unauthorized Disclosures to Employers

  • Public Hospital Corrects Impermissible Disclosure of Protected Health Information in Response to a Subpoena

  • Large Provider Revises Patient Contact Process

  • Large Health Care Provider Restricts Use of Patient Records

  • Hospital Revises Email Distribution as a Result of an Impermissible Disclosure

Back to top


Health Care Providers

  • Radiologist Changes Process for Disclosures Related to Workers Compensation

  • State Hospital Sanctions Employees for Disclosing Patient's PHI

  • Dentist Changes Process to Safeguard PHI

  • Physician Revises Faxing Procedures to Safeguard PHI

Back to top


Health Plans / HMOs

  • HMO Revises Process to Obtain Valid Authorizations

  • Large Medicaid Plan Corrects Vulnerability that Had Resulted in Wrongful Disclosure

  • Health Plan Corrects Computer Flaw that Caused Mailing of EOBs to Wrong Persons

  • Health Plan Corrects Impermissible Disclosure of Protected Health Information

Back to top  


Outpatient Facilities

  • Mental Health Center Corrects Process for Providing Notice of Privacy Practices

  • Outpatient Surgical Facility Corrects Privacy Procedure in Research Recruitment

  • Clinic Sanctions Supervisor for Accessing Employee Medical Record

Back to top  


Pharmacies

  • Pharmacy Chain Enters into Business Associate Agreement

  • Pharmacy Chain Institutes New Safeguards for Protected Health Information

  • Pharmacy Chain Changes Process for Disclosures to Law Enforcement

  • National Pharmacy Chain Extends Protections for Protected Health Information

Back to top


Private Practices

  • Entity Rescinds Improper Billing for Medical Record Copies

  • Private Practice Implements Safeguards

  • Private Practice Revises Process to Provide Access to Records

  • Private Practice Revises Process to Provide Access to Records

  • Private Practice Revises Access Policy

  • Private Practice Ceases Conditioning of Compliance with the Privacy Rule

  • Private Practice Revises Access Procedure

  • Private Practice Revises Policies and Procedures Addressing Activities Preparatory to Research

Back to top


Mental Health Centers

  • Mental Health Center Provides Access after Denial

  • Mental Health Center Provides Access and Revises Policies and Procedures

Back to top

Case Examples

  • All Case Examples
  • Case Examples by Covered Entity
  • Case Examples by Issue

 

Resolution Agreements

Providence Health & Services

 

Content created by Office for Civil Rights (OCR)
Content last reviewed December 23, 2022
Back to top
Secretary Robert F. Kennedy Jr.

Follow @SecKennedy

HHS icon

Follow @HHSGov

HHS Email updates

Receive email updates from HHS.

Subscribe

HHS Logo

HHS Headquarters

200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-877-696-6775​

  • Contact HHS
  • Careers
  • HHS FAQs
  • Nondiscrimination Notice
  • Press Room
  • HHS Archive
  • Accessibility Statement
  • Privacy Policy
  • Budget/Performance
  • Inspector General
  • Web Site Disclaimers
  • EEO/No Fear Act
  • FOIA
  • The White House
  • USA.gov
  • Vulnerability Disclosure Policy