Is it still a breach if there is no known harm?

Even if a healthcare organization isn’t sure if breached information is accessed or used, it is still a breach. This is true unless the information is unusable, such as encrypted information. For example, a possible breach at McLaren Oakland Hospital that exposed over 2,200 patient files still required McLaren to report the potential breach and notify patients.

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

So what happened that caused McLaren Oakland Hospital to notify patients?

A computer desktop file was found to have an unauthorized and unsecured link to a file containing protected health information (“PHI”).

The link was left open by an employee and there was no evidence of fraud. Patients were notified to check their financial information and credit reports for any irregularities.

McLaren offered to provide free identity theft monitoring and protection services.

Even a breach with no known harm can be costly to a healthcare facility. It can result in fines and burdensome requirements from the Office of Civil Rights, a loss of patient trust and patient base, and costly mitigation efforts.

Breaches continue to be rampant in healthcare. With many employees working remotely, it is essential that employees be trained on proper cyber security and phishing attempts.

Employees at the workplace should make sure to follow all procedures for logging out, not having passwords visible, changing passwords routinely, and using secure ways to access PHI.

We help our clients determine their areas of vulnerability and train their staff to avoid potential breaches. We also ask that all members of the staff act as the HIPAA police to help look for areas of concern and speak up about potential vulnerabilities.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, 

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

Related Posts


Recent Posts

Do I Need an Emergency List?
March 23, 2023
Breaking: New Self-Disclosure Policy
March 21, 2023
What is a Power of Attorney?
March 16, 2023
Can Your EHR Template Land You in Prison?
March 14, 2023
What Happens When You Don’t Fund Your Trust?
March 9, 2023


Enter your email to subscribe now and receive your FREE HIPAA Risk Assessment book!

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment.


Get it now for FREE (an $8.99 value!)

One more step! Please check your email to confirm your subscription and receive your FREE book!