Microsoft word sample individual breach notification letter docx author. Description of the event including.
This sample policy is drafted to comply with the hipaa breach notification rules as amended january 2013.
Hipaa breach notification letter sample. Our investigation into this breach revealed the following. The hipaa rule mandates that if the security or privacy of protected health information phi has been compromised a specific process has to be followed in the notification of affected individuals and the. In the world of data protection and security data breaches are the worst possible scenario and you d be well advised to have a plan in place in case it happens to your business.
If your business or organization experienced a hipaa breach one of the important responses includes a hipaa breach notification letter to notify the individuals affected by the breach. We take patient privacy very seriously and it is important to us that you are made fully aware of a potential privacy issue. This post will describe the required and optional content of the letter.
Under the hipaa breach notification rule covered entities following a breach of unsecured protected health information phi must provide notification of the breach to affected individuals. While there are some exceptions to this rule for the most part covered entities must provide an individual notice in written form by first class mail or alternatively by e mail if the affected. The hipaa breach notification letter that must be provided must generally be provided by first class mail.
If an individual has previously agreed to receive the hipaa breach notification letter. Delay required by law enforcement. The breach notification rule requires you to write your letters in plain language and include specific content.
But how do you write a hipaa breach notification letter. When healthcare organizations discover a breach of unsecured protected health information they are required by hipaa and hitech to notify affected individuals. Sample hipaa breach notification letter patient name patient address dear patient.
Notify your patients of a breach. Such notice should be given within 60 days following the discovery of a breach. I am writing to you with important information about a recent breach of your personal information by xyz internal medicine p c.
We are sending this letter to you as part of provider s commitment to patient privacy. We ll explain the importance of this letter and give some tips. One integral component of this plan is the data breach notification that will need to be sent to data protection authorities and possibly to consumers.
The user should review applicable laws and regulations and modify this sample policy as appropriate to fit the user s circumstances and any additional requirements in state and federal laws. How this interim final rule relates to hipaa rules and state laws. A breach notification may be delayed if law enforcement determines that notification would impede a criminal investigation or cause damage to national security.
4 30 2014 9 26 19 am. Sample breach notification letter to patients dear patient name. After a breach one of your top priorities is to mail a breach notification letter to everyone whose protected health information phi was compromised.