Your role is crucial in handling HIPAA breaches. Follow these procedures diligently and with care.
Scenario: Accidentally emailed PHI to the wrong person
(e.g., a treatment summary was sent to the wrong person)
If the number of Individuals impacted is less than 500:
- Do what: Notify each person individually
- When: Without unreasonable delay and in no case later than 60 days following the discovery of a breach.
- Content of Letter/Email:
- A brief breach description, including date and the date of
- types of unsecured PHI that were involved
- Steps the individual should take to protect themselves
- What Overcomers is doing to investigate, mitigate harm to individuals, and to protect against further breaches, and
- Contact procedures
- How:
- In writing by first class mail or email if the affected individual has consented to such notice. Additional notice in urgent situations it may be so by telephone or other means in addition to the written notice.
Use TN Messaging or Portal to send messages/documents to prevent HIPAA breaches.
HIPAA Breach Form
Complete this form to notify Admin and the Client of this type of breach: