Is it still a breach if there is no known harm?

Even if a healthcare organization isn’t sure if breached information is accessed or used, it is still a breach. This is true unless the information is unusable, such as encrypted information. For example, a possible breach at McLaren Oakland Hospital that exposed over 2,200 patient files still required McLaren to report the potential breach and notify patients.

We can help your practice stay on top of the latest healthcare news, rules, regulations and trends.  Subscribe to stay current and up to date on important matters that will impact your practice.  (To subscribe to our blog ).

So what happened that caused McLaren Oakland Hospital to notify patients?

A computer desktop file was found to have an unauthorized and unsecured link to a file containing protected health information (“PHI”).

The link was left open by an employee and there was no evidence of fraud. Patients were notified to check their financial information and credit reports for any irregularities.

McLaren offered to provide free identity theft monitoring and protection services.

Even a breach with no known harm can be costly to a healthcare facility. It can result in fines and burdensome requirements from the Office of Civil Rights, a loss of patient trust and patient base, and costly mitigation efforts.

Breaches continue to be rampant in healthcare. With many employees working remotely, it is essential that employees be trained on proper cyber security and phishing attempts.

Employees at the workplace should make sure to follow all procedures for logging out, not having passwords visible, changing passwords routinely, and using secure ways to access PHI.

We help our clients determine their areas of vulnerability and train their staff to avoid potential breaches. We also ask that all members of the staff act as the HIPAA police to help look for areas of concern and speak up about potential vulnerabilities.

In our next blog post, we will keep you informed of related issues.  To get this important information delivered directly to your mail box, 

Do you need help staying current and compliant with the latest laws, rules and regulations?  We can help. To contact us about your new government rules and regulations, your practice’s risk assessment, or about your other legal needs:  CLICK HERE.

Related Posts


Recent Posts

Getting Remarried? Here’s What You Need to Know
March 21, 2024
What is the Biggest Threat to Healthcare?
January 30, 2024
How Can I Simplify Estate Planning?
January 11, 2024
I Have a Trust. Now What?
December 7, 2023
Breaking: Corewell Health Breach
December 5, 2023


Subscribe to Our Newsletter

Subscribe and get your FREE copy of Easy Guide to HIPAA Risk Assessments

An essential tool for all healthcare providers, Easy Guide to HIPAA Risk Assessments breaks down the requirements of HIPAA so you can successfully complete your required risk assessment. (an $8.99 value)

Thank you for subscribing to the Rickard & Associates healthcare blog. You'll receive a confirmation email shortly. After verifying your subscription request, you'll be sent to the "Easy Guide to HIPAA Risk Assessments" download page.