Too Small to Fail?
Small doctor offices are not under the radar. Often, disgruntled patients or (ex) employees will report them to officials, according to articles I've read about smaller providers that have been fined for abusing HIPAA. Government agencies are always stretched thin; the public is not -- and no service provider ever has 100% satisfaction! As your article says, a lot of times breaches come down to human error, not technology. A clerk leaves papers on a desk; a receptionists discusses a patient in a waiting room, or a doctor loses her phone.