Health IT Security June 3, 2024
Jill McKeon

OCR updated its FAQ webpage and affirmed that covered entities may delegate breach notification responsibilities to Change Healthcare.

The HHS Office for Civil Rights (OCR) updated its frequently asked questions (FAQ) webpage regarding the Change Healthcare cyberattack, clarifying breach reporting requirements for affected covered entities.

As previously reported, more than 100 industry groups undersigned a letter to OCR in mid-May seeking clarity about data breach reporting responsibilities related to the Change Healthcare cyberattack, which resulted in operational and financial difficulties for healthcare providers nationwide.

UnitedHealth Group (UHG) offered to “make notifications and undertake related administrative requirements on behalf of any provider or customer,” which would ease individual reporting requirements for affected entities. However, OCR’s initial FAQ page stressed that it...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Cybersecurity, Govt Agencies, Health IT, HHS, Provider, Technology
Related Articles:
Six Cybersecurity Trends Heating Up In 2025
Five Things The C-Suite Gets Wrong About Cybersecurity
Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare
Cyber Help Needed: KLAS Report Finds Many Health Systems Availing Themselves of Consulting & Managed Services to Stay Secure
Top Five Trends

Share This Article