How Long Do You Have to Report a Breach?

HIPAA states that you must report a breach without unreasonable delay and in no case later than 60 days from discovery of the breach. One state is looking to change these guidelines.

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

North Carolina Attorney General and a state representative introduced legislation that would give organizations only 15 days to report a breach to consumers and the attorney general.

Why the shortened time frame?

North Carolina is no stranger to breaches – more than 5.3 million consumers were impacted by 1,022 data breaches in North Carolina in 2017.

Officials argue a shorter notification deadline would allow consumers to protect their information and freeze their credit before identity theft occurs.

Hacking and phishing were the biggest breach causes in 2017 in North Carolina.

If it were to pass, North Carolina would have one of the toughest breach notification laws in the country.

HIPAA currently states that breaches affecting more than 500 individuals must be reported to the Secretary without unreasonable delay and in no case later than 60 calendar days from discovery.

Breaches affecting fewer than 500 individuals must be reported within 60 days of the end of the calendar year in which the breach was discovered.

No matter the size of the breach, affected individuals must always be notified of a breach of their unsecured protected health information without unreasonable delay and in no case later than 60 days from the discovery of the breach.

In the event of a breach, we help our clients mitigate their damages and make the necessary reports to the government and impacted individuals.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, 

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

P.S. If you or your patients are interested in consumer healthcare issues, check out

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.