Under new rules developed by the Department of Health and Human Services, HIPAA-covered health care providers, health plans and other health entities must notify patients of data breaches involving their health information. Unless, of course, they decide not to.
– Data breach notification rules for health entities covered by the Health
Insurance Portability and Accountability Act take effect Sept. 23. Under the rules issued by the Department of Health and Human
Services, (PDF) health care providers and health plans will be required to
notify individuals of…