By: Lewis Brisbois' Data Privacy & Cybersecurity Team
Organizations that experienced a data incident in 2019 affecting the protected health information (PHI) of less than 500 individuals have just a few more days to submit their notification to the U.S. Department of Health & Human Services’ Office for Civil Rights (HHS/OCR).
Under the Health Insurance Portability and Accountability Act (HIPAA) Breach Notification Rule, a covered entity or business associate subject to HIPAA is required to report a breach that affected fewer than 500 people to HHS/OCR no later than 60 days after the end of prior calendar year.
This year, a covered entity or business associate has until March 1, 2020 to submit its 2019 small breach reports to the agency.
Our Breach Coach Portal is a free, personalized one-stop cyber portal that provides tools and resources to help clients understand exposures, establish a response plan, and minimize the effects of a breach. It also serves as a Crisis Center, providing the pertinent information clients need to respond quickly and effectively to a data breach, privacy violation, or other cyber incident
Our app provides immediate access to our national breach response team. It also provides a number of helpful materials including summaries of all state data breach notification statues, all state information security mandates, and a list of the various services we provide