Kern Medical New Associate Orientation Guide
The Breach Notification Rule
What is a Breach?
Unauthorized use or disclosure that compromises the security or privacy of PHI, violating State and/or Federal laws.
Breach examples include:
• Patient given another patient’s prescription and lab order in error.
• Laptop with unencrypted PHI is stolen.
• PHI faxed/emailed/mailed to wrong number/address.
• Ransomware or cyber-attack occurs.
• Unattended PHI read/observed/taken by unauthorized person.
Notification Starts With You!
• As soon as you are aware of a breach occurrence, report it to your supervisor immediately.
o What information was disclosed or accessed?
o What was the process involved?
• Kern Medical requires notification to:
o Affected individuals
o California Department of Public Health
o U.S. Department of Health & Human Services
o Media (for breaches affecting over 500 people)