Mutual Matters

HIPAA Breach Reporting Deadline is Almost Here

Posted by Emma Cecil, JD on Feb 22, 2018 1:00:00 PM

R_DoctorsMeeting.jpgHealthcare providers and other HIPAA covered entities have until March 1, 2018 to report to the U.S. Department of Health & Human Services’ Office for Civil Rights (“OCR”) breaches involving fewer than 500 individuals that were discovered in the 2017 calendar year. Although covered entities must notify HHS of breaches involving 500 or more individuals within 60 days of the date the breach is discovered, breaches affecting fewer than 500 individuals may be documented in a breach log and reported on an annual basis. Covered entities who elect to report smaller breaches on an annual basis must make their submissions to HHS through the OCR online portal within 60 days after the end of the year in which the breaches were discovered, giving them a March 1, 2018 notification deadline.

If you have questions about your reporting obligations under HIPAA’s breach notification rule, 45 CFR §§ 164.400-414, please contact The Institute and speak to your dedicate patient safety consultant.

Topics: HIPAA and Cybersecurity

Subscribe to Email Updates

What other resources would you like us to provide?

Sharing Insight on Mutual Matters

As one of the leading mutual providers of Medical Professional Liability insurance, we're here to help all healthcare professionals with the challenges they face on a daily basis. The topics we cover include: 

  • MACRA
  • Healthcare legislation updates
  • HIPAA
  • Patient safety guidance
  • Practice and hospital management advice
  • and more. 

Recent Posts