[ Tuesday, July 27, 2010 ]
New Data Breach Tool:
HITECH now requires HIPAA-covered entities and business associates to provide notice to affected parties in the event of data breaches involving unsecured PHI, but not for breaches where there's not a substantial risk of harm. How do you determine whether an incident rises to the level of a breach, or whether a breach carries a risk of harm substantial enough to require notification? IDExperts has a tool
, called RADAR (Risk Assessment Documentation And Reporting) that helps covered entities and business associates track and analyze breaches to determine whether notification is required.
Jeff [12:07 PM]
Blogger: HIPAA Blog - Edit your Template