February 22, 2010
Did you have a HIPAA security breach – for example, the theft of records from your office or loss of a laptop containing patient records – between September and December 2009?
If you had any HIPAA security breach, you must report the breach to the U.S. Department of Health and Human Services (HHS). HHS has established a new deadline of March 1 for any breach notifications between Sept. 23, 2009 – when the new Breach Notification Rule went into effect – and Dec. 31, 2009. ADA guidance on breach reporting can be downloaded at http://www.ada.org/prof/resources/topics/hipaa/index.asp#hitech. The HHS form may be accessed at http://transparency.cit.nih.gov/breach/index.cfm.