HCCA - CHCP: Breach Notification Questions And Answers.
6 views 0 purchase
Course
HCCA - CHCP: Breach Notification
Institution
HCCA - CHCP: Breach Notification
Unsecured Protected Health Information - health information that is not rendered
unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or
methodology on the HHS Web site
Breach (as defined in HITECH 164.402 - The acquisition, access, use, or disclosu...
HCCA - CHCP: Breach Notification
Unsecured Protected Health Information - health information that is not rendered
unusable, unreadable, or indecipherable to unauthorized individuals through the use of a technology or
methodology on the HHS Web site
Breach (as defined in HITECH 164.402 - The acquisition, access, use, or disclosure of protected
health information in a manner not permitted
under subpart E of this part which compromises the security or privacy of the protected health
information
Access - ability or means necessary to read,
write, modify, communicate, or otherwise use data/information.
Authorized Person - individual authorized by the entity or the entity's Business Associate
to acquire, access, or use Protected Health Information ("PHI") that is within the individual's scope of
employment
Breach Exceptions - Section 13400(1) of the Act also includes three exceptions to the definition of
''breach'' that encompass situations Congress clearly intended to not constitute breaches
Burden of Proof - Covered entities and business
associates have the burden of proof to demonstrate that all required notifications have been provided
or that a use or disclosure of unsecured protected health information did not constitute a breach
Can an CE update a notification if information has changed? - Yes
Can you email notice of a breach? - Yes, if the individual has previously agreed to be notified by
mail.
, Harm - means poses a significant risk of financial, reputational, or other harm to the individual.
How do you submit notice to the Secretary for under 500 affected individuals? - Must be
submitted electronically. Each incident must be a separate filing.
How is a individual notified? - by First Class mail
How long does a BA have to notify the CE? - 60 days from discovery
If more than 10 individuals information is out-of-date what must an CE do? - must provide
substitute individual notice by either posting the
notice on the home page of its web site or by providing the notice in major print or broadcast media
where the affected individuals likely reside
If notified is by WEB or media what must be included? - Toll Free Number
Individual Notification of a Breach must contain the following - • Brief description of what
happened and when it happened, to include the date of the breach and the date it was discovered.
• Description of the types of unsecured PHI involved in the breach (example: the individual's social
security number, date of birth, etc.)
• Steps individuals should take to protect themselves from potential harm as a result of the breach.
• Brief description of what the involved covered entity is doing to investigate the breach, mitigate losses,
and protect against any further breaches.
• Contact procedures for individuals to ask questions or learn additional information.
Limited Data Set. - PHI that excludes 16 specific
identifiers as defined in the HIPAA Privacy Rule, but includes:
- zip codes
- geographical codes
- dates of birth
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller ACADEMICMATERIALS. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $7.99. You're not tied to anything after your purchase.