HHS Breach Notification Form On line
October 6, 2009
The Hunton & Williams privacy and security blog has been very active recently. It covers a wide range of issues of interest to many industries. Last Friday, they noted that the Department of Health and Human Services had added the on-line form for breach notifications.
For all of you worried about the burden of reporting a breach, take a look at the form. It’s not onerous and should take only a few minutes to complete. Of course, the real issue is having a plan for notifying affected individuals. Unfortunately, that’s not something an online form can handle for you.
2 Comments Add your own
Leave a Comment
Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <pre> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
Trackback this post | Subscribe to the comments via RSS Feed


1.
Mark Jacobs | February 10, 2010 at 4:21 pm
164.408 of the HITCH Act requires (pharmacy) providers to maintain a log of breaches of protected health information and submit it to the “secretary” annually. Do you have a log for health care providers to use?
To whom should the annual letter be sent?
Thank you,
Mark
2.
vendorcompliance | February 10, 2010 at 5:32 pm
Mark — my understanding is that you still submit a separate notice for breaches affecting less than 500 people, you just don’t have to submit them as they occur. However, the HHS hasn’t provided a log form to roll it into one submission, so they have an online form similar to the large scale breach notification that takes the breach information one at a time. Here’s the page with the form and instructions.