Lexology January 29, 2024
Jackson Lewis PC

For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI) likely triggers obligations to notify affected individuals, the federal Office of Civil Rights (OCR), potentially the media and other entities. The breach also may require notification to one or more state Attorneys General, an obligation that depends on state law. Currently, the state data breach notification law in Michigan does not provide for Attorney General notification, something Michigan Attorney General Dana Nessel wants to change, according to reporting earlier this month from the HIPAA Journal.

Spurring the Michigan AG are concerns about the timing of notification to patients about recent...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, Health System / Hospital, Healthcare System, HIPAA, Privacy / Security, Provider, States, Technology
Related Articles:
Lessons From Oregon’s Attempt To Strengthen The 'Corporate Practice Of Medicine' Ban
Adventist Healthcare hospital to add ASC to meet demand
CMO: Small-Format Hospitals Increase Access to Care in Underserved Communities
Colorado school plans new medical college for 2026
Hospitals improve their patient experience and infection scores

Share This Article