HIPAA penalties continue to be applied not only for HIPAA Security Rule and Privacy Rule noncompliance discovered after breaches have occurred, but more are being applied for HIPAA non-compliance in situations where breaches were not involved. Non-compliance penalties have been given for not following requirements in the Privacy Rule, Security Rule and Breach Notification Rule. In Q1 of 2021 all but one of the non-compliance penalties were applied against entities for violation of the HIPAA Privacy Rule's right of access standard. These entities ranged from small clinics to a large health insurer that experienced a multi-year breach affecting over 9.3 million people. Multi-year corrective actions and multi-million-dollar penalties were applied by the HHS OCR for violating multiple Privacy Rule, Security Rule and Breach Notification Rule requirements. See and hear a summary of all the penalties and required actions the HHS OCR gave in Q1 2021 in this free video from Privacy & Security Brainiacs. For more information and resources on HIPAA visit https://privacysecuritybrainiacs.com/.