Federal law requires hospitals and other HIPAA-covered entities to report all 2018 HIPAA privacy breaches affecting fewer than 500 patients to the Office for Civil Rights of the U.S. Department of Health and Human Services by March 1. This requirement also applies to hospitals that have already notified affected patients and the California Department of Public Health.
This content is restricted to members.
