Data Breach Results in $4.8 Million HIPAA Settlements

New York and Presbyterian Hospital

New York and Presbyterian Hospital (NYP) has agreed to pay OCR $3,300,000 to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules, and will adopt a corrective action plan to evidence their remediation of these findings.

• Read the Resolution Agreement
• HHS Press Release

Columbia University

Columbia University (CU) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules, including a $1,500,000 monetary settlement and corrective action plan to address deficiencies in its HIPAA compliance program.

• Read the Resolution Agreement
• HHS Press Release