Yearly HIPAA Breach Notification Deadline Approaching

February 7, 2024
HIPAA medical law: doctor holding stethoscope, scale of justice

Each year healthcare organizations must report breaches affecting less than 500 patients to the Department of Health and Human Services (HHS) within 60 days from the end of the calendar year in which the breach occurred. This means that smaller scale breaches that occurred in any given year must be reported by March 1 the following year to the HHS — or February 29 in a leap year which 2024 is.

To provide healthcare organizations guidance on how to comply with the HIPAA Breach Notification Rule, and the breach notification deadline are discussed below.

What Is Considered a Breach Under HIPAA?

Under HIPAA, a breach is an incident that has the potential to compromise protected health information (PHI). This includes hacking incidents, unauthorized access to PHI (whether it be an outside party, or a member of your workforce accessing PHI without cause), theft or loss of an unencrypted device with access to PHI, or improper disposal of medical records.

Read more at Compliancy Group >>

Become a member

Get the tools you need to succeed in the medical spa industry.

Related
    • FDA Advisory Committee to Review Seven Peptides for Potential Use in Compounding
    • Medicare GLP-1 Bridge Program Launches July 1, Expanding Access for Some Patients
    • Universal Healthcare Consulting Becomes Platinum Vendor Affiliate with the American Med Spa Association
    • DAW Systems Earns First Artificial Intelligence Accreditation from DirectTrust
    • Estée Lauder Executive’s Death Linked to Pulmonary Embolism Following Cosmetic Filler Injection