Conducting HIPAA Breach Risk Assessments Using the “LoProCo” Analysis

by Margaret Young Levi and Kathie McDonald-McClure

clip_image009The U.S. Department of Health & Human Services Office for Civil Rights (“OCR”) has a new acronym, “LoProCo,” relating to assessing data breaches under HIPAA, as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act of 2009 and the HIPAA Omnibus Rule that became effective March 26, 2013.

It is OCR’s position that a breach is Continue reading