Pulse June 3, 2024
Matt Fisher

When the likely inevitable data breach occurs, who is responsible for sending the notice? Does the answer change when a breach is bigger? Does the answer change because a business associate is involved? Understanding ahead of time is informative, especially since the issue has been thrown into the spotlight by the big breach at Change Healthcare.

What Does HIPAA Say?

The starting point is the Breach Notification Rule. The Breach Notification Rule sets the specific requirements for sending out notices about a data breach. The requirement is clear in the rule. The covered entity is responsible for sending the notification as written in the rule.

“A covered entity shall, folllwing the discovery of a breach of unsecured protected health...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, HIPAA, Provider, Technology
Related Articles:
Feds warn of Ghost ransomware targeting healthcare
1 year later: The Change Healthcare cyberattack and its lasting impact on healthcare
A Proactive Blueprint For Modern Cybersecurity
FBI Says Backup Now—Advisory Warns Of Dangerous Ransomware Attacks
How A Security Incident Response Plan Saves Money In Case Of A Cyberattack

Share This Article