February 29 Data Breach Reporting Deadline Fast Approaching!

The deadline is quickly approaching for mandatory data breach reporting to the United States Department of Health & Human Services (HHS) under the Health Information Technology for Economic and Clinical Health Act (HITECH Act).  Covered entities must report data breaches involving less than 500 individuals to HHS within 60 days following the end of the calendar year in which the breach occurred.   Because 2012 is a leap year, covered entities that experienced a data breach involving fewer than 500 individuals in 2011 should submit data breach notification reports to HHS by February 29, 2012.  

The reports must be submitted electronically.  Please follow these links for the submission form and reporting instructions.

Leave a reply. Please note that although this blog may be helpful in informing clients and others who have an interest in information privacy and security, it is not intended to be legal advice. The information on this blog also should not be relied upon to form an attorney-client relationship.

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.