FREE TRIAL UPGRADE!
Thank you for investing in EnvironmentalHazmatHuman ResourcesHuman Resources, Hazmat & Environmental related content. Click 'UPGRADE' to continue.
CANCEL
YOU'RE ALL SET!
Enjoy your limited-time access to the Compliance Network!
A confirmation welcome email has been sent to your email address from ComplianceNetwork@t.jjkellercompliancenetwork.com. Please check your spam/junk folder if you can't find it in your inbox.
YOU'RE ALL SET!
Thank you for your interest in EnvironmentalHazmatHuman ResourcesHuman Resources, Hazmat & Environmental related content.
WHOOPS!
You've reached your limit of free access, if you'd like more info, please contact us at 800-327-6868.
CLOSE
 
 

...

(a) Standard. A covered entity shall, following the discovery of a breach of unsecured protected health information as provided in §164.404(a)(2), notify the Secretary.

(b) Implementation specifications: Breaches involving 500 or more individuals. For breaches of unsecured protected health information involving 500 or more individuals, a covered entity shall, except as provided in §164.412, provide the notification required by paragraph (a) of this section contemporaneously with the notice required by §164.404(a) and in the manner specified on the HHS Web site.

(c) Implementation specifications: Breaches involving less than 500 individuals. For breaches of unsecured protected health information involving less than 500 individuals, a covered entity shall maintain a log or other documentation of such breaches and, not later than 60 days after the end of each calendar year, provide the notification required by paragraph (a) of this section for breaches discovered during the preceding calendar year, in the manner specified on the HHS web site.

[74 FR 42768 Aug. 24, 2009; 78 FR 5695, Jan. 25, 2013]

['Employee Benefits']
['HIPAA privacy and security']
UPGRADE TO CONTINUE READING
Load More