Skip to Main Content
In the News

Alisa Chestler Comments on Data Breaches in Wolters Kluwer Health Law Daily

Since 2009, as mandated by the Health Insurance Portability and Accountability Act (HIPAA), covered entities (CEs) have been required to notify individuals when their unsecured PHI has been breached. The breach notification rules changed in 2013 with the publication of the HIPAA Omnibus final rule in January 2013, which implemented provisions of statutory amendments contained in the Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009. 

In this Wolters Kluwer Health Law Daily article, Alisa Chestler discusses recent trends in data breaches and offers advice as to how providers can work to prevent them. Ms. Chestler says that the Omnibus final rule has changed the way that CEs prepare for potential breaches. "I think the real change is to actually have a breach notification plan in places." She notes, "Prior to HITECH we saw either no security plan in place or an off the shelf plan that had very little relevance to the operations. We are encountering that problem less and less."

Read the Article

©2014 CCH Incorporated. All Rights Reserved. Reprinted with permission from Health Law Daily.

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept