A Detailed Analysis of Changes to HIPAA and the Implications for Healthcare Providers and Others in the Healthcare Industry: HIPAA Breach Notification Rule

Changes to the HIPAA Breach Notification Rule -

Background: The HITECH Act required Covered Entities to notify individuals, HHS, and in some cases, the media, of a Breach of Unsecured PHI. A Business Associate is required to notify the Covered Entity of any such Breaches so that the Covered Entity may make the notifications listed above. In response to the HITECH Act, OCR issued an interim final Breach Notification Rule effective on September 23, 2009 incorporating the requirements of the HITECH Act.

In the interim final Breach Notification Rule, a Breach was defined as, subject to certain exceptions, the unauthorized acquisition, access, use, or disclosure of PHI which compromises the security or privacy of such information, except where an unauthorized person to whom the information is disclosed would not reasonably have been able to retain such information. An unauthorized acquisition, access, use, or disclosure of PHI compromised the security or privacy of the PHI if it posed a significant risk of financial, reputational, or other harm to the individual. In other words, to determine if a Breach occurred as a result of an impermissible use or disclosure of PHI, a Covered Entity was required to perform a risk assessment to determine if there was a significant risk of harm to the individual.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.

Written by:

Published In:


DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Womble Carlyle Sandridge & Rice, LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.