  • Had a HIPAA breach? Follow these steps to mitigate it.

  • This Is How Professionals Deal with A HIPAA Breach

    The Health Insurance Portability and Accountability Act (HIPAA) is designed to keep patients' private and confidential information private and confidential. A HIPAA breach means that Protected Health Information (PHI) has been leaked or stolen. This is a matter of serious concern for businesses and healthcare institutions. However, the last thing you should do in such a situation is panic.

    Professionals set a precedent for how HIPAA breaches should be dealt with. This is what they do.

    #1: Analyze the Extent Of Damage

    The first thing to do is take a breath and analyze the damage the HIPAA breach has caused. Also analyze the potential damage that is likely to follow. Find out what caused the breach in the first place. Contrary to the common notion, it's not always a hacking incident. Such breaches may also occur through improper handling, disposal, etc. While you do so, also take into account the type of personal information that has been exposed.

    #2: Develop an Encounter Plan

    Now that you know the type of PHI at risk and what caused the breach, it is time to look forward. Develop a plan that will keep the situation from deteriorating any further. Also, assure your patients that the breach is being addressed and that their information will be recovered in no time. If there is even a hint of criminal activity involved, reach out to the FBI for help.

    #3: Reporting to HHS

    Health and Human Services (HHS) is the US federal department designed to look into such matters. If fewer than 500 of your patients are affected, notifying HHS may not be necessary. If 500 or more of your patients have been affected, you are required to bring the matter to HHS's notice right away.

     

    Usually, HIPAA breaches happen when there is a loophole in implementation. Not only do they cause havoc, but they also put a dent in your reputation. The best way around it is to ensure proper implementation of HIPAA in the first place.