Attention HIPAA-covered entities: Has your organization had a breach of protected health information during the past year? March 1 is the deadline for reporting breaches that occurred in 2014 to the HHS Office for Civil Rights, which enforces the HIPAA breach notification rule.

Breaches affecting 500 or more individuals require notification to affected individuals and HHS within 60 days of discovery.

Covered entities with breaches affecting less than 500 individuals during 2014 must submit notice to HHS within 60 days of the end of the calendar year--March 1, 2015.

Covered entities also can report these smaller breaches to HHS during the year if they chose, but a complete report of breaches on an annual basis is required, with a separate notice filled out for each breach.

HHS has additional information and instructions for submitting notices here.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access