•  
  •  
 

Abstract

This dentistry and the law column addresses the necessity of reporting a potential HIPAA data breach involving missing patient records. The author explains the criteria outlined in the HIPAA Breach Notification Rule and emphasizes the importance of a thorough risk assessment. The dentist must evaluate the nature of the protected health information and whether an unauthorized person acquired it. The article details the steps for reporting, including individual notices to affected patients and the U.S. Secretary of Health and Human Services, with distinctions based on the number of individuals affected.

Share

COinS