If a breach of unsecured protected health information affects 500 or more individuals, a covered entity must notify the Secretary of the breach without unreasonable delay and in no case later than 60 calendar days from the discovery of the breach. Breaches Affecting 500 or More Individuals
Please review the instructions below for submitting breach notifications. If a covered entity discovers additional information that supplements, modifies, or clarifies a previously submitted notice to the Secretary, it may submit an additional form by checking the appropriate box to indicate that it is an addendum to the initial report, using the transaction number provided after its submission of the initial breach report.
#Phi breach reporting free
If only one option is available in a particular submission category, the covered entity should pick the best option, and may provide additional details in the free text portion of the submission. If the number of individuals affected by a breach is uncertain at the time of submission, the covered entity should provide an estimate, and, if it discovers additional information, submit updates in the manner specified below. All notifications must be submitted to the Secretary using the Web portal below.Ī covered entity’s breach notification obligations differ based on whether the breach affects 500 or more individuals or fewer than 500 individuals.
A covered entity must notify the Secretary if it discovers a breach of unsecured protected health information.
0 kommentar(er)
