Few consequences for health privacy law’s repeat offenders

CVS Health, the U.S. Department of Veterans Affairs, Walgreens, Kaiser Permanente and Walmart are among hundreds of healthcare providers who have repeatedly violated privacy laws between 2011 and 2014, Analysis by ProPublica revealed. The agency tasked with enforcing the legislation took no punitive action against these providers, with the data showing that over the course of the four years, the Office for Civil Rights deferred to each provider by reminding them of their obligations under the Act, in some cases having taken action for minor scale breaches.