HIPAA Breach Notification Rule
GPTKB entity
Statements (19)
Predicate | Object |
---|---|
gptkbp:instanceOf |
gptkb:United_States_federal_law
|
gptkbp:appliesTo |
business associates
covered entities |
gptkbp:codifiedIn |
gptkb:45_CFR_§§_164.400-414
|
gptkbp:defines |
breach as unauthorized acquisition, access, use, or disclosure of protected health information
|
gptkbp:enforcedBy |
gptkb:U.S._Department_of_Health_and_Human_Services
|
gptkbp:excludes |
breaches of secured (encrypted) protected health information
|
https://www.w3.org/2000/01/rdf-schema#label |
HIPAA Breach Notification Rule
|
gptkbp:notificationDeadline |
without unreasonable delay and no later than 60 days after discovery
|
gptkbp:partOf |
gptkb:Health_Insurance_Portability_and_Accountability_Act
|
gptkbp:penaltiesForNoncompliance |
civil monetary penalties
|
gptkbp:purpose |
to ensure individuals are informed of breaches of their health information
|
gptkbp:relatedTo |
gptkb:HITECH_Act
|
gptkbp:requires |
covered entities to notify the media if a breach affects more than 500 residents of a state or jurisdiction
covered entities to notify the Secretary of HHS of breaches covered entities to notify affected individuals of breaches of unsecured protected health information |
gptkbp:startDate |
September 23, 2009
|
gptkbp:bfsParent |
gptkb:Health_Breach_Notification_Rule
|
gptkbp:bfsLayer |
5
|