Forms & Instructions To Provide HITECH Act-Required Notice To OCR Of Breach of Unsecured Protected Health Information Posted

The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) recently posted online forms and instructions for submitting notice of breaches of unsecured protected health information to OCR required under new protected health information breach notification rules enacted under the Health Information Technology for Economic and Clinical Health (HITECH) Act. 

Under Section 13402 of the Health Information Technology for Economic and Clinical Health (HITECH) Act as implemented by the Interim Final Breach Notification Regulations published by OCR in August, health care providers, health plans, and health care clearinghouses (covered entities) and their business associates within the meaning of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) must provide certain notifications within 60 days following discovery of a breach of unsecured protected health information to individuals whose protected health information was breached, OCR, and certain other parties. The new breach notification requirements apply to breaches occurring after September 23, 2009.

The required form to submit notice to and deadline for submitting notice to OCR depends on the number of affected individuals. For breaches affecting 500 or more individuals, notice of the breach must be submitted without unreasonable delay and no later than 60 days from the discovery of the breach. In other cases, notice to affected individuals still must be provided without unreasonable delay and within 60 days of discovery; but notification to CMS may be provided within 60 days of the end of the calendar year of discovery of the breach.

The author of this update, Curran Tomko Tarski LLP Partner Cynthia Marcotte Stamer has extensive experience advising covered entities, their business associates and others about HIPAA and other privacy and data security matters affecting covered entities and their business associates and has conducted training on the breach notification and other new HITECH Act rules and other HIPAA Privacy and Security matters.  You can review her experience, learn how to access recordings of her presentations and other details here.

Other Recent Developments

If you found this information of interest, you also may be interested in reviewing some of the following recent Solution Law Press Health Care Updates available online by clicking on the article title below:

For More Information

We hope that this information is useful to you.  If you need assistance with these or other health care public policy, regulatory, compliance, risk management, workforce and other staffing, transactional or operational concerns, please contact the author of this update, Curran Tomko Tarski LLP Health Practice Group Chair, Cynthia Marcotte Stamer, at (214) 270‑2402, cstamer@cttlegal.com, Ms. Stamer has extensive experience advising clients and writes and speaks extensively on these and other health industry and other reimbursement, operations, internal controls and risk management matters. 

Ms. Stamer has extensive experience in these and other health industry related representation.  You can review other recent health care and related resources and additional information about the health industry and other experience of Ms. Stamer here

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here, or e-mailing this information to cstamer@cttlegal.com, and/or by participating in the SLP Health Care Risk Management & Operations Group

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information – including your preferred e-mail – by creating or updating your profile at here or e-mailing this information here.  To unsubscribe, e-mail here.

©2009 Cynthia Marcotte Stamer.  All rights reserved.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: