Pulse June 3, 2024
Matt Fisher

When the likely inevitable data breach occurs, who is responsible for sending the notice? Does the answer change when a breach is bigger? Does the answer change because a business associate is involved? Understanding ahead of time is informative, especially since the issue has been thrown into the spotlight by the big breach at Change Healthcare.

What Does HIPAA Say?

The starting point is the Breach Notification Rule. The Breach Notification Rule sets the specific requirements for sending out notices about a data breach. The requirement is clear in the rule. The covered entity is responsible for sending the notification as written in the rule.

“A covered entity shall, folllwing the discovery of a breach of unsecured protected health...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology
Related Articles:
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
3 leadership lessons we can learn from ethical hackers
Demonstrating Cybersecurity ROI: How To Get The C-Suite On Board With Zero Trust
Hospital cybersecurity spend to rise in 2025: 4 details
GAO: HHS falls short on healthcare cybersecurity

Share This Article