The Workgroup for Electronic Data Interchange has released a new guide to help healthcare organizations follow the breach notification rules under the HIPAA omnibus rule.
The HIPAA omnibus rule, which went into effect Sept. 23, 2013, bases notification standards on a "risk of compromise," rather than harm, and requires providers to either demonstrate a low probability protected information was compromised, or report the incident as a breach.
The WEDI guide is designed to offer organizations a decision-making process that can be used to help providers determine the risk of compromise. The guide includes a four-factor assessment to establish the probability that protected health information has been compromised and clarifies the steps organizations should take when consulting their legal and/or risk management teams about a possible breach.
More Articles on Data Breaches:
HHS Regulations Expose Scope of Data Breach Problem in Healthcare Sector
Olmsted Medical Center Data Breach Exposes Employees' Information
Poorly Vetted Contractor Causes Potential Breach at Beebe Healthcare