Previous All Posts Next

OHSU Pays $2.7 Million HIPAA Fine: Key Takeaways

Posted: July 20, 2016 to Compliance.

Tags: HIPAA, Compliance, Data Breach

Oregon Health and Science University (OHSU) was accused of violating two HIPAA data breaches involving protected health information (PHI). The first breach revolved around a stolen laptop. The second breach occurred when OHSU contracted cloud storage usage without securing a business associate agreement. Although these violations have not yet caused harm to any OHSU patients, the healthcare institution has taken responsibility by agreeing to pay $2.7 million in fines and by implementing a stringent 3-year plan to ensure that the university is following HIPAA standards. In a statement from CIO Bridget Barnes, she states that, “In the face of these challenges, OHSU is proactively working to ensure the creation of a sustainable gold standard for protected health information security and HIPAA compliance.”

Related Articles

Need help implementing these strategies? Our cybersecurity experts can assess your environment and build a tailored plan.
Get Free Assessment
Explore Our Services
Cybersecurity AI Services Compliance HIPAA CMMC Managed IT

Related Articles

Law Firm Cybersecurity: ABA 1.6(c) Compliance Guide 2026 NIST CSF 2.0 for Boards: Your Practical Cyber Roadmap NIST CSF 2.0 for Boards: Your Practical Cyber Roadmap Best CMMC Compliance Consultants 2026: Verified RPOs NIST 800-50 Rev 1: Awareness Training Blueprint NIST 800-50 Rev 1: Awareness Training Blueprint

About the Author

Craig Petronella, CEO and Founder of Petronella Technology Group
CEO, Founder & AI Architect, Petronella Technology Group

Craig Petronella founded Petronella Technology Group in 2002 and has spent 20+ years professionally at the intersection of cybersecurity, AI, compliance, and digital forensics. He holds the CMMC Registered Practitioner credential issued by the Cyber AB and leads Petronella as a CMMC-AB Registered Provider Organization (RPO #1449). Craig is an NC Licensed Digital Forensics Examiner (License #604180-DFE) and completed MIT Professional Education programs in AI, Blockchain, and Cybersecurity. He also holds CompTIA Security+, CCNA, and Hyperledger certifications.

He is an Amazon #1 Best-Selling Author of 15+ books on cybersecurity and compliance, host of the Encrypted Ambition podcast (95+ episodes on Apple Podcasts, Spotify, and Amazon), and a cybersecurity keynote speaker with 200+ engagements at conferences, law firms, and corporate boardrooms. Craig serves as Contributing Editor for Cybersecurity at NC Triangle Attorney at Law Magazine and is a guest lecturer at NCCU School of Law. He has served as a digital forensics expert witness in federal and state court cases involving cybercrime, cryptocurrency fraud, SIM-swap attacks, and data breaches.

Under his leadership, Petronella Technology Group has served hundreds of regulated SMB clients across NC and the southeast since 2002, earned a BBB A+ rating every year since 2003, and been featured as a cybersecurity authority on CBS, ABC, NBC, FOX, and WRAL. The company leverages SOC 2 Type II certified platforms and specializes in AI implementation, managed cybersecurity, CMMC/HIPAA/SOC 2 compliance, and digital forensics for businesses across the United States.

CMMC-RP NC Licensed DFE MIT Certified CompTIA Security+ Expert Witness 15+ Books
Related Service
Achieve Compliance with Expert Guidance

CMMC, HIPAA, NIST, PCI-DSS - we have 80% of documentation pre-written to accelerate your timeline.

Learn About Compliance Services
Previous All Posts Next
Free cybersecurity consultation available Schedule Now