OCR Cybersecurity Newsletter Highlights Importance of HIPAA Sanctions Policies
The Office for Civil Rights (OCR) recently offered covered entities and business associates (regulated entities) some not-so-subtle reminders in its October 2023 Cybersecurity Information Bulletin that effective sanctions policies can encourage HIPAA compliance. Regulated entities are required by HIPAA to implement sanctions policies in which they impose appropriate sanctions against their respective personnel who fail …