Lexology January 29, 2024
Jackson Lewis PC

For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI) likely triggers obligations to notify affected individuals, the federal Office of Civil Rights (OCR), potentially the media and other entities. The breach also may require notification to one or more state Attorneys General, an obligation that depends on state law. Currently, the state data breach notification law in Michigan does not provide for Attorney General notification, something Michigan Attorney General Dana Nessel wants to change, according to reporting earlier this month from the HIPAA Journal.

Spurring the Michigan AG are concerns about the timing of notification to patients about recent...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, Healthcare System, HIPAA, Privacy / Security, Provider, States, Technology
Related Articles:
Stopping the Loss of Rural Healthcare Services
A unified front: Cybersecurity's role in healthcare operations and patient safety | Viewpoint
Hospitals are seeing fewer infections, Leapfrog Group says
Are Doctors Costing Hospitals $300K Per Year?
UF Health unveils hospital at home

Share This Article