Previous All Posts Next

OHSU Agrees to Pay $2.7 Million in HIPAA Fines

Posted: July 20, 2016 to Compliance.

Tags: HIPAA, Compliance, Data Breach

Oregon Health and Science University (OHSU) was accused of violating two HIPAA data breaches involving protected health information (PHI). The first breach revolved around a stolen laptop. The second breach occurred when OHSU contracted cloud storage usage without securing a business associate agreement. Although these violations have not yet caused harm to any OHSU patients, the healthcare institution has taken responsibility by agreeing to pay $2.7 million in fines and by implementing a stringent 3-year plan to ensure that the university is following HIPAA standards. In a statement from CIO Bridget Barnes, she states that, “In the face of these challenges, OHSU is proactively working to ensure the creation of a sustainable gold standard for protected health information security and HIPAA compliance.”

Related Articles

Your Enterprise Roadmap to EU AI Act Compliance Your Enterprise Roadmap to EU AI Act Compliance Securing MLOps: Model Risk, Controls & Compliance Securing MLOps: Model Risk, Controls & Compliance Scaling HIPAA-Compliant GenAI: From Pilot to Production Scaling HIPAA-Compliant GenAI: From Pilot to Production NIST CSF 2.0 for Boards: Your Practical Cyber Roadmap NIST CSF 2.0 for Boards: Your Practical Cyber Roadmap
Craig Petronella
Craig Petronella
CEO & Founder, Petronella Technology Group | CMMC Registered Practitioner

Craig Petronella is a cybersecurity expert with over 24 years of experience protecting businesses from cyber threats. As founder of Petronella Technology Group, he has helped over 2,500 organizations strengthen their security posture, achieve compliance, and respond to incidents.

LinkedIn Twitter About
Related Service
Achieve Compliance with Expert Guidance

CMMC, HIPAA, NIST, PCI-DSS — we have 80% of documentation pre-written to accelerate your timeline.

Learn About Compliance Services
Previous All Posts Next