Abstract
This dentistry and the law column addresses the necessity of reporting a potential HIPAA data breach involving missing patient records. The author explains the criteria outlined in the HIPAA Breach Notification Rule and emphasizes the importance of a thorough risk assessment. The dentist must evaluate the nature of the protected health information and whether an unauthorized person acquired it. The article details the steps for reporting, including individual notices to affected patients and the U.S. Secretary of Health and Human Services, with distinctions based on the number of individuals affected.
Recommended Citation
Schulte, Dan JD
(2024)
"Dentistry and the Law: When Must a Data Breach be Reported?,"
The Journal of the Michigan Dental Association: Vol. 106:
No.
2, Article 4.
Available at:
https://commons.ada.org/journalmichigandentalassociation/vol106/iss2/4
Included in
Dental Public Health and Education Commons, Health and Medical Administration Commons, Health Information Technology Commons, Health Law and Policy Commons, Human Resources Management Commons, Leadership Commons, Technology and Innovation Commons