HIPAA Breach and Office of Civil Rights Reporting

Healthcare providers are required to follow the federal HIPAA laws and report any and all breaches of information that falls under HIPAA’s protections to the Office of Civil Rights (OCR) of Health and Human Services (HHS).  Chiefly this is protected health information (PHI).  Different breaches require different reporting protocols.  Kennedy’s attorneys are familiar with breach reporting and the remediation of the instances that allowed for such a breach.  Kennedy’s attorneys have worked with the OCR in reporting and correcting conditions to foreclose any further breaches, such that the OCR is satisfied a breach will not recur.

HHS logo 1024x930 300x272 - HIPAA Breach Reporting & RemediationWhat is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the Secretary of the U.S. Department of Health and Human Services (HHS) to develop regulations protecting the privacy and security of certain health information.

Prior to HIPAA, no generally accepted set of security standards or general requirements for protecting health information existed in the healthcare industry. Today, providers are using clinical applications such as computerized physician order entry (CPOE) systems, electronic health records (EHR), and radiology, pharmacy, and laboratory systems.

A major goal of the Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care.

Source: U.S. Department of Health and Human Services