Data Breach Checklist

Like many things, a data breach is not something most think about, until they need it.

When you need it, you are behind.

When you need it, you don’t want to have to think about what needs to happen…you just want to know what to do.

Our Data Breach policy and procedure includes everything you need to know and need to do when you have a data breach, or even a suspected breach.

The Regulations says to conduct or review a security risk analysis and implement updates as necessary and correct identified security deficiencies as part of this analysis.

Simply, you must conduct a Risk Assessment on your office and the way your practice operates.

It means you are being pushed into HIPAA compliance via Meaningful Use.

…Don’t worry
…We’ve made this easy for you.

Our Meaningful Use Risk Assessment is a paint-by-numbers simple process to ensure you are compliant with this requirement.

Additionally there are Policies and Checklists for the following:

Breach notifications have their own Subpart…which means this is taken very seriously.
There are a lot of sections to what is require of your reaction to a data breach.
Subpart D
CFR 164.400 Applicability – applies to breaches occuring on or after September 23, 2009
CFR 164.402 Definitions
CFR 164.404 Notification to Individuals
CFR 164.406 Notification to Media
CFR 164.408 Notification to the Secretary
CFR 164.410 Notification by a Business Associate
CFR 164.412 Law enforcement delay
CFR 164.414 Administrative requirements and burden of proof.