Providers: Prepare Your Breach Notification Policy! | The Nationa

Trending News

It’s the Final Countdown – The Final PWFA Regs Are Here

Corporate Transparency Act – Continued Developments

Healthcare Preview for the Week of: April 15, 2024 [Podcast]

SCOTUS Declines to Review New York City’s Rent Stabilization Law

Trending in Telehealth: April 2 – April 8, 2024

New CFIUS Rules to Enhance Enforcement and Investigation Activities

Chanel Seeks Permanent Injunction Against WGACA

EPA Finalizes National Primary Drinking Water Regulation for Certain PFAS

GeTtin' SALTy Episode 26 | Catch-up with Jared Walczak at the Tax Foundation, with a Focus on Property Tax Relief

Safety Perspectives From Region 6: OSHA’s New Walkaround Rule [Podcast]

Rosanna J. Willis

Email

248-433-7584

Bio and Articles

Providers: Prepare Your Breach Notification Policy!

by: Rosanna J. Willis of Dickinson Wright PLLC - DW Health Law Blog

Friday, January 3, 2014

Print Mail Download

i

On December 26, 2013, Adult & Pediatric Dermatology, a dermatology practice located in Massachusetts, agreed to pay a $150,000 fine after it lost an unencrypted thumb drive containing over 2,000 patients’ health records, and for its failure to institute HITECH’s breach notification requirements in response to the loss. According to the notice on the Department of Health and Human Services’ (“HHS”) website, the practice also did not have in place breach notification and training policies and procedures required under HITECH.

Providers must have proper breach notification and training policies and procedures in place in order to identify and mitigate risk to protected health information. Further, providers must make it a priority to secure electronic protected health information by, for example, encrypting hard drives.

Regarding the incident, “An ounce of prevention is worth a pound of cure” said the Director of the HHS Office of Civil Rights.

Current Legal Analysis

DOJ Files Second Qui Tam Lawsuit Against Regeneron Pharmaceuticals

by: Eva Gunasekera , Renée Brooker

Don’t Forget About These Three HIPAA Compliance Requirements

by: Hannah R. Demsien , Amy C. Ciepluch

Generative Artificial Intelligence (AI) and 401(k) Plan Fiduciary Implications

by: Michael Abbott , Aaron K. Tantleff

Five Compliance Checks Every Multinational Company Should Consider for … Being an Importer of Record

by: Gregory Husisian , John E. Turlais

Client Alert: The Coming European Union Artificial Intelligence Act – What it is and What it Means for Your Business

by: Corporate & Business Matters Stubbs Alderton & Markiles

More from Dickinson Wright PLLC

In Sports Wagering, Information is Everything!

by: Jeffrey A. Silver , Gregory R. Gemignani

IRS Issues Proposed Regulations On Deduction for Owners of Pass-Through Businesses: The Good, Bad and Ugly for Health Care Providers

by: Ralph Levy, Jr.

Before you Draft an Opioid Policy, Read This

by: Erica A. Morris

SPD V. Plan Document: Who Wins?

by: Cynthia A. Moore

J-1 Conrad Waivers: Should I Stay or Should I Go?

by: Matthew J. Martinez

HIPAA and the Opioid Crisis

by: Kimberly J. Ruppel

Québec’s Superior Court Upholds Bill 74

by: Michael D. Lipton, Q.C. , Kevin J. Weber

Mental Health Parity Really Does Mean Equal Benefits

by: Erica A. Morris , Gregory W. Moore

Once a “Patron,” Always a Patron?

by: Jeffrey A. Silver , Kate C. Lowenhar-Fisher

How to Banish the Black Market and Ensure Integrity: What States Legalizing Sports Betting for the First Time Can Learn From Nevada and Legalized Cannabis States

by: Jennifer J. Gaynor , Kate C. Lowenhar-Fisher

Upcoming Legal Education Events

Jun

4

2024

FinTech and Securities Trading Platforms

May

15

2024

Capital Connect: Finance & Funding in Life Sciences

May

14

2024

Harmonizing TSCA Consent Orders with OSHA HCS 2012

May

7

2024

FinTech and Employment Law

Print