An investigation by OCR on privacy breaches has been settled by UCLA for the sum of $865,500. An OCR investigation found that UCLA hospital employees violated the HIPAA Act by viewing electronic health records or celebrity patients without authorization. During the investigation OCR found that the UCLA Health System failed to use adequate security measures or properly document certain trainings or sanctions.
In addition to the financial cost, UCLA Health System is required to submit a corrective plan to federal regulators outlining how the organization would prevent future privacy breaches
Source – Los Angeles Times