BREACH NOTIFICATION REMINDER Deadline for Annual Filing to HHS Approaching
February 29, 2020 is the deadline by which time Covered Entities who experienced a Breach of Unsecured Protected Health Information (PHI) during calendar year 2015 must notify the Secretary of the U.S. Department of Health & Human Services (HHS).
A Breach is defined as an unauthorized “acquisition, access, use, or disclosure” of unsecured PHI that compromises the security or privacy of the PHI. Pursuant to the 2009 HITECH Act and the 2013 Final Omnibus Rule, Covered Entities, on an annual basis, must electronically report Breaches affecting fewer than 500 individuals to HHS electronically within 60 days of the close of the calendar year. Notifications may be made by completing the form found on the HHS website.
The form requires the Covered Entity to respond to several questions about the Breach including providing a short description of what occurred and how the Breach was resolved. The Covered Entity must also certify that all of the information provided in the form is accurate.
Please be advised that not all violations of HIPAA constitute a “Breach” and only violations of HIPAA which rose to the level of a “Breach” need to be reported to HHS. Your Houston Harbaugh, P.C. attorneys are available to assist you in determining whether an incident requires the filing of a report and we can also assist in the notification filing process.
In order to navigate the complicated and ever-changing laws surrounding health care and your business, you need attorneys who understand your challenges. The Pittsburgh health care lawyers at Houston Harbaugh, P.C., have the knowledge and experience to help you manage everyday issues, as well as plan for the future.
Jessica A. Ellel - Practice Chair
Chair of Houston Harbaugh’s Health Law Practice, Jessica works almost exclusively with health care entities and health practitioners. She has extensive experience with:
- Drafting and negotiating physician employment agreements from both the physician and employer perspectives
- Negotiating contracts between physicians and hospitals
- Preparing purchase agreements to govern the sale of medical practices
- Advising on corporate governance issues, from practice formation to dissolution
- Developing comprehensive compliance plans for physician practices, hospitals, third-party billing administrators, and other health care and related entities
- Organizing strategies for compliance with fraud and abuse laws
- Addressing HIPAA compliance
Jessica is especially well-versed in HIPAA compliance and authors numerous client updates and bulletins on the subject. She conducts on-site and remote HIPAA training and also maintains Houston Harbaugh’s HIPAA compliance manual, ” Federal HIPAA Privacy Standards Simplified: A Comprehensive Tool-Kit”.