The OCR investigation uncovered numerous other instances between 2005 and 2009 where hospital employees had looked at protected health information belonging to other patients as well.

Statements announcing the settlement that were released today by the HHS and UCLA do not identify any specific violation. However, back in April 2008 that it had detected whole groups of employees and even doctors snooping on the medical records of celebrities such as Tom Cruise and Farrah Fawcett.

At that time, the hospital had noted that the snooping went back to 1995. One person was indicted for selling data acquired from such snooping to the media.

This marks the third time this year that HHS has cracked down on healthcare organizations that have been found in violation of HIPAA rules. In February, HHS announced that it had on health insurer Cignet Health for refusing to provide patients with access to their medical records as required under HIPAA.

That was the first civil penalty handed out since HIPAA went into effect more than 10 years ago.