HIPAA Sample Breach Notification Letter: Who Must Be Notified?

Under HIPAA, when a breach of unsecured PHI takes place, the covered entity that sustains the breach must notify affected individuals of the breach. Notification must be provided through a breach notification letter. The content requirements and a HIPAA sample breach notification letter are discussed below. Patient Notification in Breach Notification Letters Prior to 2009, many breaches of unsecured PHI went unreported, [...]

2023-09-21T15:46:21-04:00February 15th, 2022|

What is a HIPAA Breach Notification Form?

You may have been hearing a lot about HIPAA breach notification reporting lately and for a good reason. The deadline to report small-scale breaches to the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is March 1st. When reporting breaches to the HHS OCR, they require you to submit a HIPAA Breach Notification Form.  Before completing the form, [...]

2023-07-27T13:43:22-04:00February 8th, 2022|

FTC Breach Notification Rule Expands for Health Applications

A recent policy statement by the Federal Trade Commission (FTC) has dramatically expanded coverage and penalties under the FTC Breach Notification Rule for companies that develop and offer mobile health applications and services for consumers. History of the FTC Breach Notification Rule As issued by the FTC in 2009, the Breach Notification Rule required PHR vendors to notify the Federal Trade Commission and any affected individuals upon:  [...]

2023-07-27T13:57:52-04:00January 31st, 2022|

Don’t Miss the 2022 HIPAA Breach Notification Rule Deadline

Hopefully, you’ve been keeping a list of your minor breaches that occurred in 2021 because now is the time to report them to the Department of Health and Human Services. As the 2022 HIPAA breach notification rule deadline approaches, it is important that you know the deadline and understand what incidents need to be reported. When is the 2022 HIPAA Breach Notification [...]

2023-07-27T13:58:58-04:00January 28th, 2022|

2021 HIPAA “Wall of Shame” Healthcare Data Breaches Up 7.5%

With at least six weeks before final numbers are in, the Department of Health and Human Services HIPAA Breach Reporting Tool website is reporting 713 major healthcare data breaches in 2021, an increase of more than 7.5 percent. By the Numbers: Major Healthcare Data Breaches Increase in 2021 Protected health information (PHI) from more than 45.7 million patient records was affected by [...]

2023-07-27T14:19:36-04:00January 25th, 2022|

3.7 Million Affected By FlexBooker Breach

FlexBooker is an online appointment scheduling platform that services small businesses across several industries, including the healthcare industry. On December 23, 2021, FlexBooker disclosed that it had suffered a breach that resulted in the theft of sensitive data, some of which has been posted to the dark web. According to reports from Have I Been Pwned, the FlexBooker breach has affected 3,756,794 users thus far. [...]

2023-07-27T14:43:26-04:00January 10th, 2022|

Broward Hospital Data Breach Nets Hackers 1,300,000 Records

An October 2021 cyberattack on Broward Health resulted in the extraction of up to 1.3 million pieces of protected health information (PHI) from the system’s computer network during the hospital data breach. What Occurred in the Broward Hospital Data Breach Broward Health is a public non-profit hospital system composed of four hospitals in the greater Ft. Lauderdale, Flordia area. According to a [...]

2023-07-27T14:45:15-04:00January 7th, 2022|

At Least 32 Providers Affected by Ciox Vendor Email Breach

Healthcare information management company Ciox announced they have begun notifying business associates following an employee email breach of protected health information (PHI) affecting the patients of at least 32 healthcare providers nationwide. What We Know About the Ciox Vendor Email Breach In a post on their website, the Alpharetta, Georgia-based company admitted that an unauthorized person accessed one Ciox employee’s email account [...]

2023-07-27T15:08:53-04:00January 6th, 2022|

535,489 Patients’ Data Compromised in Texas ENT Breach

A hacker extracted the protected health information (PHI) of 535,489 patients from Texas ENT Specialists in August 2021. Although the Texas ENT breach occurred in August, it was not listed on the Office for Civil Rights portal until December 2021. Details of Texas ENT Breach Officials at Texas ENT Specialists first learned of the incident on October 19, 2021. The investigation revealed [...]

2023-07-27T15:14:22-04:00January 3rd, 2022|

103,576 Impacted by Sound Generations Breach

A nonprofit organization in Washington state, Sound Generations, reported a pair of data breaches potentially impacting 103,576 clients to the Office for Civil Rights (OCR) data breach portal on December 8, 2021. Details regarding the Sound Generations breach are discussed in detail below. Details of the Sound Generations Breach Sound Generations offers transportation, food security, and health and wellness services to seniors [...]

2023-07-27T15:30:00-04:00December 22nd, 2021|