HIPAA Breach Notification Rule
GPTKB entity
Statements (19)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:United_States_federal_law
|
| gptkbp:appliesTo |
business associates
covered entities |
| gptkbp:codifiedIn |
gptkb:45_CFR_§§_164.400-414
|
| gptkbp:defines |
breach as unauthorized acquisition, access, use, or disclosure of protected health information
|
| gptkbp:enforcedBy |
gptkb:U.S._Department_of_Health_and_Human_Services
|
| gptkbp:excludes |
breaches of secured (encrypted) protected health information
|
| gptkbp:notificationDeadline |
without unreasonable delay and no later than 60 days after discovery
|
| gptkbp:partOf |
gptkb:Health_Insurance_Portability_and_Accountability_Act
|
| gptkbp:penaltiesForNoncompliance |
civil monetary penalties
|
| gptkbp:purpose |
to ensure individuals are informed of breaches of their health information
|
| gptkbp:relatedTo |
gptkb:HITECH_Act
|
| gptkbp:requires |
covered entities to notify the media if a breach affects more than 500 residents of a state or jurisdiction
covered entities to notify the Secretary of HHS of breaches covered entities to notify affected individuals of breaches of unsecured protected health information |
| gptkbp:startDate |
September 23, 2009
|
| gptkbp:bfsParent |
gptkb:Health_Breach_Notification_Rule
|
| gptkbp:bfsLayer |
5
|
| https://www.w3.org/2000/01/rdf-schema#label |
HIPAA Breach Notification Rule
|