By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Health Works CollectiveHealth Works Collective
  • Health
    • Mental Health
    Health
    Healthcare organizations are operating on slimmer profit margins than ever. One report in August showed that they are even lower than the beginning of the…
    Show More
    Top News
    An Expert’s Guide To Building and Improving Endurance
    June 30, 2022
    medical assistants
    What Do Medical Assistants Do On a Day to Day Basis?
    April 5, 2022
    superfoods to help with prostate health
    10 Healthy Foods That Can Help Protect Your Prostate
    August 29, 2022
    Latest News
    What To Expect On A Meditation Retreat In Miami
    February 6, 2023
    Botanical Extracts That Should be on Your Health Radar
    February 5, 2023
    Navigating Medical Care as a Wheelchair User
    February 4, 2023
    4 Common Myths and Misunderstandings About Brain Injuries
    February 5, 2023
  • Policy and Law
    • Global Healthcare
    • Medical Ethics
    Policy and Law
    Get the latest updates about Insurance policies and Laws in the Healthcare industry for different geographical locations.
    Show More
    Top News
    Health Insurance For Same Sex Couples
    February 11, 2012
    Racial Health Disparities Among People with Chronic Conditions in the US: Facts and Statistics
    July 25, 2013
    Drug Testing for Welfare Benefits? Two Sides to the Issue
    March 16, 2022
    Latest News
    Why Is a Referenced Based Pricing Tool Necessary?
    February 3, 2023
    Simplifying the Genetic Testing Process: How At-Home Kits are Changing the Game
    January 25, 2023
    9 Hospitals That Have Introduced Green Initiatives
    February 1, 2023
    Why a Health Retreat Can Be the Best Medicine
    January 12, 2023
  • Medical Innovations
  • News
  • Wellness
  • Tech
Search
© 2023 HealthWorks Collective. All Rights Reserved.
Reading: How to Recover from a HIPAA Breach
Share
Sign In
Notification Show More
Latest News
meditation retreat
What To Expect On A Meditation Retreat In Miami
Health
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Career
Botanical Extracts
Botanical Extracts That Should be on Your Health Radar
Health
Navigating Medical Care as a Wheelchair User
Navigating Medical Care as a Wheelchair User
Health
common misconseptions about brain injuries
4 Common Myths and Misunderstandings About Brain Injuries
Health
Aa
Health Works CollectiveHealth Works Collective
Aa
Search
Have an existing account? Sign In
Follow US
  • About
  • Contact
  • Privacy
© 2023 HealthWorks Collective. All Rights Reserved.
Health Works Collective > Business > How to Recover from a HIPAA Breach
BusinessPolicy & Law

How to Recover from a HIPAA Breach

Abby Norman
Last updated: 2015/04/03 at 8:00 AM
Abby Norman
Share
7 Min Read
SHARE

If you find yourself in the midst of a HIPAA breach, your first instinct might be to panic, but you need not. While a security breach of any kind is a high stress event, keeping cool headed and following tried and true HIPPA breach recovery protocols will help you avoid further trouble down the line.

Contents
Step One: Understanding a HIPPA BreachStep Two: Assess Step Three: NotificationStep Four: Reassess your liability and take actionStep Five: Reevaluate your policies and debrief

If you find yourself in the midst of a HIPAA breach, your first instinct might be to panic, but you need not. While a security breach of any kind is a high stress event, keeping cool headed and following tried and true HIPPA breach recovery protocols will help you avoid further trouble down the line.

How To Recover From a Breach

Step One: Understanding a HIPPA Breach

What defines a HIPPA breach? Any release of information protected under HIPAA that violates the protection standard set forth by the rule. When you think of a breach you probably think of massive security breaches that result in thousands of records being released into the wrong hands — but sometimes breaches occur on a much smaller scale. Just because they only impact one or two patients doesn’t mean they should be regarded with less weight than a numerically larger one.

A textbook example would be mailing test results to the wrong patient or giving someone another patient’s after visit summary at a doctor’s appointment. These things might seem like laughable accidents, but in the wrong hands patient information can quickly become a hotbed of identity theft potential. No breach should be regarded as insignificant.

More Read

HR staff must deal with divisive views in healthcare

HR Must Navigate Polarizing Views in Healthcare Workplaces

Should Hospitals Use SASE or Traditional Network Security?
6 Tips for Getting Into Medical School
The Technology and Services You Need to Open Your Own Counseling Office
Do You Need Life Insurance? What Does It Cover?

Step Two: Assess

The first step after any suspected HIPAA breach is to assess how much information was impacted and compare it to national reporting standards. Typically, if more than 500 patient records are involved, you must notify the public that a breach has occurred. Generally speaking, regardless of the size of the breach — or even the confirmation that a breach has occurred — there must be internal notification up the chain of command within the hospital system itself, usually facilitated by the hospital’s privacy officer (who may or may not be affiliated with the health information department).

Step Three: Notification

In instances where there are clearly identified patients involved, you should begin the process of notifying them via an official letter from your organization without delay. Generally speaking you are allowed 60 days after the breach to make your notifications, but the process should begin as soon as you’ve discovered it. This letter should inform the patient of what occurred, what’s being done by the hospital to rectify it and what the patient should do to protect themselves.

It would be in your hospital’s best interest to offer help wherever you can, particularly in the form of offering the patient something like credit monitoring in order to help reduce the likelihood that your mistake will negatively impact their lives. For any breach involving less than 500 people, you still need to notify DHHS annually.

Step Four: Reassess your liability and take action

If you haven’t purchased regulatory liability insurance, don’t wait. Most plans will cover HIPAA breaches as well as other issues related to compliance, intentional or not. For staff, the intent of the breach (wittingly or unwittingly) will determine in large part the type of disciplinary action they receive.

For example, if a nurse knows that she isn’t supposed to go snooping in her neighbor’s medical record since she isn’t that person’s nurse, but does it anyway, that would warrant disciplinary action far more severe than if a nurse stumbled into the wrong record because she used the wrong birth date and got into a record of a different “Jane Smith” – only to realize her error and report it immediately. Penalties can range anywhere from a few hundred dollars to a few hundred thousand dollars, depending on the nature and size. There are both federal and state penalties, so combining both could be a hefty set of fines for any hospital that’s experienced a breach.

Step Five: Reevaluate your policies and debrief

Since you’ve properly documented the entire process (right?) you can now assess the event from a bird’s eye view with your privacy officer and other pertinent staff members to uncover why the breach occurred and what could have prevented it, if anything.

If you find that there was a flaw, say, in your EMR steps should be taken immediately to patch it. If there are personnel issues, disciplinary action should be taken and in some cases, if there have been multiple offenses, an employee may need to be terminated. If you have experienced a few breaches rather close together, you should be looking to see if there are any patterns or common denominators in the events that could lead you to a culprit.

Most importantly, remember to keep all documentation around the breach and its aftermath for six years after the event occurs. Not only will the records be of value to you in the event of a lawsuit, but as previously mentioned, if there are future breaches you may want to come back to a particular event that seemed somewhat similar and see if you can establish a pattern or link between them.

Knowledge is power, as they say, and when it comes to patient data breaches understanding the why and the how is just as important — if not more so — than the who!

 

The post How To Recover From a HIPAA Breach appeared first on BHM Healthcare Solutions.

TAGGED: HIPAA, security

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Abby Norman April 3, 2015
Share this Article
Facebook Twitter Copy Link Print
Share
Previous Article pharmaphorum Pharma Is from Mars, Patients Are from Venus
Next Article The 3 Secrets to Making Your Blog Stand Out

Stay Connected

1.5k Followers Like
4.5k Followers Follow
2.8k Followers Pin
136k Subscribers Subscribe

Latest News

meditation retreat
What To Expect On A Meditation Retreat In Miami
Health February 6, 2023
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Guide To Pursuing a Career in Nursing as a Foreigner in the USA
Career February 5, 2023
Botanical Extracts
Botanical Extracts That Should be on Your Health Radar
Health February 5, 2023
Navigating Medical Care as a Wheelchair User
Navigating Medical Care as a Wheelchair User
Health February 4, 2023

You Might also Like

Health care

Why Is a Referenced Based Pricing Tool Necessary?

February 3, 2023
at-home genetic testing method kits
Global Healthcare

Simplifying the Genetic Testing Process: How At-Home Kits are Changing the Game

January 25, 2023
green hospitals
Hospital Administration

9 Hospitals That Have Introduced Green Initiatives

January 20, 2023
benefits of going on a health retreat
Global HealthcareHealth

Why a Health Retreat Can Be the Best Medicine

January 12, 2023
//

We influence million of users and is the most authentic source of information on healthcare business and technology news.

Quick Links

  • About
  • Contact
  • Privacy
Subscribe

Subscribe to our newsletter to get our newest articles instantly!

Follow US

© 2008-2023 HealthWorks Collective. All Rights Reserved.

Removed from reading list

Undo
Welcome Back!

Sign in to your account

Lost your password?