How Long Do You Have to Report a Breach?

HIPAA states that you must report a breach without unreasonable delay and in no case later than 60 days from discovery of the breach. One state is looking to change these guidelines.

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog click here).

North Carolina Attorney General and a state representative introduced legislation that would give organizations only 15 days to report a breach to consumers and the attorney general.

Why the shortened time frame?

North Carolina is no stranger to breaches – more than 5.3 million consumers were impacted by 1,022 data breaches in North Carolina in 2017.

Officials argue a shorter notification deadline would allow consumers to protect their information and freeze their credit before identity theft occurs.

Hacking and phishing were the biggest breach causes in 2017 in North Carolina.

If it were to pass, North Carolina would have one of the toughest breach notification laws in the country.

HIPAA currently states that breaches affecting more than 500 individuals must be reported to the Secretary without unreasonable delay and in no case later than 60 calendar days from discovery.

Breaches affecting fewer than 500 individuals must be reported within 60 days of the end of the calendar year in which the breach was discovered.

No matter the size of the breach, affected individuals must always be notified of a breach of their unsecured protected health information without unreasonable delay and in no case later than 60 days from the discovery of the breach.

In the event of a breach, we help our clients mitigate their damages and make the necessary reports to the government and impacted individuals.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, click here to Subscribe.

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

P.S. If you or your patients are interested in consumer healthcare issues, check out myhealthspin.com.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.