MedEvolve pays OCR $350K penalty over ‘insufficient’ HIPAA risk analysis

An OCR audit into MedEvolve after a 2018 healthcare data breach found the business associate several possible HIPAA violations, including failing to conduct a risk analysis.

analysis audit breach business compliance data data breach healthcare healthcare data healthcare data breach hipaa hipaa violations ocr risk risk analysis risk management