Blog

May 2021 HIPAA Violations Roundup

News & PR
June 2, 2021
A roundup of the OCR Settlements reached in May 2021 h due to potential HIPAA violations.

May OCR Settlements

Following a month without any OCR Settlements in April 2021, there was only one settlement reached throughout the month of May. Though unlike the theme of most of the resolutions over the past year, this settlement between a laboratory and the OCR followed an audit and then findings of potential violations of the HIPAA Security Rule, not a Right of Access Initiative complaint. We’ll go through all the details of this settlement down below!

Peachstate Health Management, LLC

A Georgia-based clinical laboratory, Peachstate Health Management, doing business as AEON Clinical Laboratories (Peachstate) has reached a settlement with the Office of Civil Rights (OCR) following a potential violation of the HIPAA Security Rule. Peachstate, which provides laboratory services for both diagnostic, clinical, and genetic testing purposes, has agreed to pay $25,000 to the OCR, as well as implement a full corrective action plan. 

This settlement is the result of a compliance review that the OCR launched in December 2017 which investigated Peachstate’s adherence to HIPAA’s Privacy and Security Rules. At that time the investigation revealed Security Rule non-compliance on a systematic level. A few of the specific issues included the lack of an enterprise-wide risk analysis, failure to implement proper risk management and audit controls, and inability to provide proper documentation of the policies and procedures of the HIPAA Security Rule. 

As a result of this 2017 audit, and the potential violations that were found, the OCR and Peachstate have reached the aforementioned agreement of a $25,000 settlement, which also includes implementing a corrective action plan and 3 years of monitoring by the OCR. More details on this resolution agreement can be found here


More from the Blog

Why was the CCPA Introduced?
Privacy Compliance

Why was the CCPA Introduced?

Why is Personal Data Valuable?
Privacy Compliance

Why is Personal Data Valuable?

What is Personal Information Under the CPRA?
Privacy Compliance

What is Personal Information Under the CPRA?

What is Personal Data under the GDPR?
HIPAA

What is Personal Data under the GDPR?

The Truth about Data Security
Data Security

The Truth about Data Security

What is a HIPAA Lawyer?
HIPAA

What is a HIPAA Lawyer?

What Is a Data Processor?
HIPAA

What Is a Data Processor?

What is a Data Controller?
HIPAA

What is a Data Controller?

Compliance Managment Full Hexagon logo

Expert compliance support, on-demand

Accountable Compliance Success Managers are dedicated to making sure your company is fully compliant as we guide you step-by-step through the process of achieving HIPAA compliance.
chevron left
Expert guidance
chevron left
Build trust
chevron left
Dedicated Compliance Success Managers
chevron left
HIPAA Training
chevron left
Decrease risk
chevron left
Close more deals
Get Started Free
Talk To An Expert
schedule accountable demo
Accountable Compliance Management Logo

We make it easy to get your own HIPAA Certification and build trust with your customers and patients.

Product
PlaybooksHow it worksProductPricingWatch DemoSeal of Compliance
Solutions
HIPAA Compliance SolutionGDPR
Resources
BlogHIPAA TrainingHIPAA Risk AnalysisGDPR Risk Analysis
Company
AboutCareersSupportContact UsPrivacy CenterProduct Updates
Account
Sign InForgot Password
star iconstar iconstar iconstar iconstar icon

"Accountable allowed us to quickly establish Core Compliance with HIPAA as well as a firm foundation for our Security Program." - Michael H.

© 2024 Accountable HQ, Inc.
Terms of ServicePrivacy Policy