An Update on HIPAA Enforcement
While the number of resolution agreements is slightly trending downward, the fines are skyrocketing.
As we reported in June of 2017, the U.S. Department of Health and Human Services (HHS) was on a record pace for the number of enforcement actions it had taken against Covered Entities and Business Associates for violations of the HIPAA Security Rules.
In 2016, it entered into 13 Resolution Agreements, and within the first five months of 2017, they had already brought nine enforcement actions. It appears that any hopes for less enforcement of regulations with a new administration are not panning out.
There has been a slight decline in the number of enforcements taken by the Office for Civil Rights (OCR) since May of 2017. In fact, since that time, there have been a total of 10 additional actions taken.
However, the amount of fines and the average fine per action being levied by OCR has increased dramatically.
Fill out the form below to read more.

Recent Articles View All Thought Leadership
By Amy L. Sandlin, CPA, Tax Quality at Blue & Co. On July 4, 2025, President Trump signed into law a sweeping budget reconciliation bill, informally titled the “One Big […]
In the ever-evolving healthcare landscape, prioritizing initiatives to improve margins is crucial to maintain financial stability. As inflationary pressures continue to impact labor, purchased services, and supplies, it is imperative […]
COLUMBUS, Ohio. (July 1, 2025) – Blue & Co., LLC and Blue Benefits Consulting, Inc. are delighted to share that M. Jane Shawver, QKC, QKA, has been named President of […]