HIPAA Violations

The top 10 HIPAA violations by Covered Entities and Business Associates include the following:


  1. Snooping on healthcare records;
  2. Failure to perform risk analysis;
  3. Failure to manage security risks;
  4. Failure to enter into a HIPAA compliant BAA once again is your Business Associate Agreement;
  5. Insufficient ePHI access controls;
  6. Failure to use encryption to safeguard portable devices;
  7. Failure to issue breach notification;
  8. Impermissible disclosure of PHI;
  9. Improper disposal of PHI after the retention period has expired;
  10. Denying patients access to health records.