On March 3, OCR settled with a physician practice over alleged HIPAA Security Rule violations. OCR initiated an investigation into the practice of Dr. Steven Porter after it filed a breach report with OCR concerning a dispute with a business associate. OCR’s review found the physician practice failed to conduct a risk analysis before and after the breach report. Further, OCR found the practice did not implement appropriate security measures to secure protected health information. Dr. Porter agreed to adopt a corrective action plan in addition to paying the settlement amount.