HIPAA Blog

[ Tuesday, July 27, 2010 ]

New Data Breach Tool: HITECH now requires HIPAA-covered entities and business associates to provide notice to affected parties in the event of data breaches involving unsecured PHI, but not for breaches where there's not a substantial risk of harm. How do you determine whether an incident rises to the level of a breach, or whether a breach carries a risk of harm substantial enough to require notification? IDExperts has a tool, called RADAR (Risk Assessment Documentation And Reporting) that helps covered entities and business associates track and analyze breaches to determine whether notification is required.

Jeff [12:07 PM]

Comments: Post a Comment

http://www.blogger.com/template-edit.g?blogID=3380636 Blogger: HIPAA Blog - Edit your Template