HHS/OCR Has Improved Breach Portal for Notifying HHS of a Breach of Unsecured PHI and Cases Under Investigation

HHS/OCR Logo Breach

July 27, 2017. The Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) has improved its breach portal for filing a Notice to the Secretary of HHS—Breach of Unsecured Protected Health Information, downloading a sample form showing Breach Portal Required Information for reporting a breach, listing Cases Currently Under Investigation that were reported in the past 24 months, and providing an archive of “all resolved breach reports and/or reports older than 24 months.” As of today, there are 350 cases under investigation and 1,659 cases in the archive that dates back to the required reporting date in September 2009.

 

Cases under investigation and archived cases are presented in a table with the following column headers:

Name of Covered Entity, State, Covered Entity Type, Individuals Affected, Breach Submission Date, Type of Breach, and Location of Breached Information.

 

There also are advanced options for sorting (filtering) the data. These options include filtering and reporting breaches on the following:

Defining the breach submission date period, from and to.

Type of breach: Hacking/IT Incident, Improper Disposal, Loss, Theft, Unauthorized Access/Disclosure, Unknown, and Other.

Location of Breach: Desktop Computer, Electronic Medical Record, Email, Laptop, Network Server, Other Portable Electronic Device, Paper/Films, and Other.

Type of Covered Entity: Health Plan, Healthcare Clearinghouse, and Healthcare Provider.

State, DC, and Territory where breach occurred.

Business Associate Present: Yes or No.

Description Search: Keyword input.

Covered Entity (CE)/Business Associate (BA) Search: Keyword input.

 

Finally, OCR’s Breach Portal includes Help for Consumers, which states:

 

“If you think you may be the victim of identity theft, you may wish to verify the information in your medical records, and/or ask for that information to be corrected, by requesting a copy of your health information and/or requesting an amendment to your health information [with guidance provided at HHS’ Website entitled: Your Medical Records].

 

“For more tools to protect yourself against identify theft after a breach, please visit the Federal Trade Commission’s (FTC) Website for additional information at [Report identity theft and get a recovery plan: Get Started].

 

Having worked with these data since the inception of the Breach Report Website, this reporting tool and functionality represent a significant improvement over earlier versions.

Categories



Archives

  • October 2017 (1)
  • August 2017 (3)
  • July 2017 (1)
  • June 2017 (7)
  • May 2017 (12)
  • April 2017 (10)
  • March 2017 (2)
  • February 2017 (3)
  • January 2017 (4)
  • December 2016 (4)
  • November 2016 (7)
  • October 2016 (7)
  • September 2016 (2)
  • August 2016 (1)
  • July 2016 (3)
  • June 2016 (1)
  • May 2016 (1)
  • April 2016 (8)
  • March 2016 (6)
  • February 2016 (2)
  • December 2015 (1)
  • November 2015 (1)
  • October 2015 (4)
  • September 2015 (1)
  • June 2015 (8)
  • May 2015 (3)
  • April 2015 (2)
  • March 2015 (1)
  • November 2014 (1)
  • September 2014 (15)
  • August 2014 (6)
  • July 2014 (1)
  • June 2014 (13)
  • May 2014 (11)
  • April 2014 (13)
  • March 2014 (6)
  • February 2014 (12)
  • January 2014 (3)
  • December 2013 (1)