HHS Issues Rule Requiring Individuals Be Notified of Breaches of Their Health Information

The regulations, developed by the HHS Office for Civil Rights (OCR), require health care providers and other HIPAA covered entities to promptly notify affected individuals of a breach, as well as the HHS Secretary and the media in cases where a breach affects more than 500 individuals. Breaches affecting fewer than 500 individuals will be reported to the HHS Secretary on an annual basis. The regulations also require business associates of covered entities to notify the covered entity of breaches at or by the business associate.

via HHS Issues Rule Requiring Individuals Be Notified of Breaches of Their Health Information.

Related posts

• Why Do Bad Things Happen to PCI-Compliant Companies? (0)
• Regulators:Thanks PCI, but we’ll take it from here (0)
• OCR sets rules for sharing HIPAA breach information – FierceEMR (0)
• Nosy nurse runs afoul of HIPAA regulations – Cortlandt Forum (0)
• New health-care privacy laws heighten need for HIPAA compliance in California (0)

---

Did you enjoy this post? Why not leave a comment below and continue the conversation, or subscribe to my feed and get articles like this delivered automatically each day to your feed reader. If you don't have a feed reader, you can always have these articles delivered to your email inbox every day. Click here to sign up.