Legislation Introduced to Make Violence Against Healthcare Workers a Federal Crime
Companion bills have recently been introduced in the House of Representatives and the Senate that seek to make violent attacks on employees of hospitals and healthcare organizations a federal crime. Data released by the U.S. Bureau of Labor Statistics in 2018 revealed that healthcare workers are five times more likely to experience violence in the workplace than workers in other industries. In 2018, healthcare workers accounted for 73% of all nonfatal workplace injuries and illnesses due to violence, and there was an increase in violent incidents during the COVID-19 pandemic.
In January 2024, a poll conducted by the American College of Emergency Physicians revealed that 91% of respondents had either personally experienced violence in the workplace or were aware of a colleague who was a victim of violence in the past year. 40% of respondents said they knew of an attack on a healthcare worker in a trauma center that resulted in moderate to severe disability or death. Last year, the American College of Surgeons reported an increase in violence against surgeons. Jay J. Doucet, MD, MSc, FRCSC, FACS, director of the trauma division at the University of California (UC) San Diego Health, said, “We’ve had six surgeons killed in the last few years.”
While many incidents are perpetrated by patients in emergency rooms and psychiatric units, healthcare workers are also assaulted in other settings, including home health, doctor’s surgeries, maternity units, and elsewhere, and not just by patients. There have been reports of violent behavior from visitors, intimate partners, outsiders, and coworkers.
Violence in the workplace is contributing to an increase in work-related stress, burnout, and job dissatisfaction, and has led many workers to quit the profession. The risk of violence is also making recruitment more difficult. A 2024 National Nurses United Report warned that high and rising rates of workplace violence and employer failure to implement effective prevention strategies are contributing to the current staffing crisis. A 2023 survey revealed that almost half of nurses (45.5%) reported an increase in workplace violence in the past year, and six in 10 nurses reported having either changed or left their job or profession or considered doing so due to workplace violence.
The increase in violence against healthcare workers has prompted bipartisan legislation to make attacks on healthcare workers a federal crime. The bipartisan Save Healthcare Workers Act was introduced last month in the Senate (S.1600) by Sens. Cindy Hyde-Smith (R-MI) and Angus King (I-ME), and the companion House bill (H.R. 3178) by Reps. Mariannette Miller-Meeks (R-IA) and Madeleine Dean (D-PA). The proposed legislation would give healthcare workers similar protections as workers in the airline industry.
There have been previous attempts to introduce similar legislation, such as the Safety from Violence for Healthcare Employees (SAVE) Act in 2023, but none have been successful. While around thirty states have introduced laws that make attacks on healthcare workers a felony, federal legislation is required to discourage attacks and ensure the perpetrators face appropriate justice.
“State and local authorities are now and will continue to be responsible for prosecuting the overwhelming majority of violent crimes in the United States, including assault and intimidation against hospital employees,” according to the bill. “These authorities can address the problem of assault and intimidation against hospital employees more effectively with greater Federal law enforcement involvement… existing Federal law is inadequate to address the problem.”
The legislation calls for federal prison sentences of up to 10 years for attacks on healthcare workers, and enhanced penalties for acts of violence against healthcare workers involving a deadly or dangerous weapon or inflicting bodily injury. Those more serious attacks, as well as violent acts committed during emergency declarations, would be punishable with a jail term of up to 20 years. The legislation has exemptions from prosecution for individuals with intellectual or physical disabilities.
“I believe the federal government can help deter violence and keep our healthcare workers safe by establishing stronger penalties for those who assault hospital employees,” Hyde-Smith said. “Our legislation will protect these workers and, importantly, the people who rely on their care.”
The post Legislation Introduced to Make Violence Against Healthcare Workers a Federal Crime appeared first on The HIPAA Journal.
Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach – The HIPAA Journal
Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach The HIPAA Journal
Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach
Ocuco Inc., a Dublin, Ireland-based provider of optical software solutions for eyecare businesses, has recently notified the HHS’ Office for Civil Rights about a data breach involving the protected health information of 240,961 individuals.
Ocuco claims to be the world’s largest provider of retail optical software solutions, with its US operations based in Florida. Ocuco’s software includes the Acuitas practice management and electronic health record system, which is used by thousands of eye care practices, clinics, and lens manufacturing labs.
Relatively little information has been released by Ocuco about the data breach at the time of writing, other than the information disclosed in the May 30, 2025, OCR breach report, which lists the incident as a network server hacking incident. This appears to have been a ransomware attack by a ransomware group known as Killsec, aka Kill Security.
Killsec claims to be a hacktivist group, but it is a financially motivated ransomware-as-a-service organization that targets government agencies and private sector businesses. On April 1, 2025, Killsec added Ocuco to its dark web data leak site, and the stolen data has since been listed for download, which suggests the ransom was not paid.
While the HIPAA Journal has not verified whether protected health information is available for download, the fact that the data breach has been reported to the HHS’ Office for Civil Rights shows that protected health information has been exposed and most likely stolen in the attack.
The dark web data leak site listing includes screenshots of the stolen data, including business files, appointment information, and several folders related to U.S. and Canadian eyecare clients, including Costco, HoustonEye, Kaiser, Mayo Clinic, Optos, Specsavers, and more. Several law firms have already opened investigations into potential class action lawsuits in response to the data breach.
This post will be updated when further information becomes available.
The post Optical Software Solution Provider Ocuco Reports 241K-Record Data Breach appeared first on The HIPAA Journal.
Will HIPAA protections continue for abortion care? Courts to soon decide – Pharos-Tribune
ComplianceJunction Introduces API Integration to Streamline HIPAA Training for Healthcare Staffing Platforms – The HIPAA Journal
ComplianceJunction Introduces API Integration to Streamline HIPAA Training for Healthcare Staffing Platforms
ComplianceJunction has announced a new API-based integration designed to simplify HIPAA compliance training for healthcare staffing platforms. This program aims to assist staffing agencies and healthcare organizations with automating the delivery and tracking of mandatory HIPAA training for temporary and contract workers. ComplianceJunction has built a reputation as the top provider of HIPAA training.
The integration enables healthcare staffing platforms to incorporate ComplianceJunction’s training modules directly into their existing systems. This allows for automated assignment of training to new hires, real-time monitoring of course completion, and centralized reporting to ensure compliance with HIPAA regulations. By embedding training into the onboarding process, the integration seeks to reduce administrative tasks and ensure that all staff members receive necessary compliance education promptly. This approach aligns with industry trends emphasizing the importance of continuous education and streamlined compliance processes in healthcare staffing.
ComplianceJunction’s training courses have previously received accreditation from organizations such as the American Health Information Management Association (AHIMA), allowing healthcare professionals to earn Continuing Education Units (CEUs) upon completion. This accreditation underscores the quality and relevance of the training content provided and motivates staff.
The API integration is part of ComplianceJunction’s broader efforts to enhance HIPAA compliance training through technology, aiming to support healthcare organizations in maintaining high standards of data privacy and security.
Further details and demonstration access are available at:
https://www.
The post ComplianceJunction Introduces API Integration to Streamline HIPAA Training for Healthcare Staffing Platforms appeared first on The HIPAA Journal.
Atomic Mail Reinforces Commitment to GDPR, HIPAA, and CCPA Compliance – TechBullion
Episource Ransomware Attack Affects More Than 5.4 Million Individuals – The HIPAA Journal
Episource Ransomware Attack Affects More Than 5.4 Million Individuals The HIPAA Journal