February 24, 2015
                By:  Erica Youngerman, Esq. 

Time is running out to be in compliance with the U.S. Department of Health & Human Services’ requirement to annually report all breaches within 60 days of the end of the calendar year in which the breaches were discovered.  The time to report is NOW! Do not wait until the last day.  Who will know if you do not report?  Well, HHS if a complaint is made or your practice is audited.  The result for failing to report may include a charge of non-compliance and failing to properly maintain proper HIPAA policies and procedures, punishable by a very avoidable monetary fine.  Recommended modus operandi - avoid potential exposure and properly report!
The link to electronically submit a report (one per breach) is https://ocrnotifications.hhs.gov/.  If necessary, you can later submit a follow up with newly found information regarding a prior report by clicking the link and selecting “Addendum to Previous Report.”
For more information regarding the annual report, please see OCR’S website available here (http://www.hhs.gov/ocr/privacy/hipaa/administrative/breachnotificationrule/brinstruction.html)
Not sure if something constitutes a breach? Consult your Breach Notification Policy
(https://www.kirschenbaumesq.com/page/practice-compliance) and give our office a call to discuss an concern or confusion. 
Have questions or need assistance? Contact Jennifer at 516 747 6700 x. 302,
Jennifer@Kirschenbaumesq.com or Erica at 516 747 6700 x. 308,

I-STOP Implementation - Common Q&As

Looking for HIPAA and compliance forms?  
Click here to visit 
our website.

Have a question or comment for Jennifer?
Contact Jennifer at Jennifer@Kirschenbaumesq.com or  at (516) 747-6700 x. 302.