• HIPAA Update: HITECH Act Breach Notification Rule
  • November 3, 2009 | Authors: Stacy L. Cook; Ellen Luepke Layton; Katherine S. O'Brien
  • Law Firms: Barnes & Thornburg LLP - Indianapolis Office; Barnes & Thornburg LLP - Chicago Office
  • This HIPAA Update provides a detailed description of the new breach notification requirements for HIPAA covered entities and business associates as required by interim final rule issued pursuant to the HITECH Act of 2009. The interim final rule (Breach Rule) published by the U.S. Department of Health and Human Services (HHS) on Aug. 24, 2009 became effective Sept. 23, 2009. It requires business associates and covered entities to notify individuals, HHS, and in some cases, the media, upon discovery of a breach of unsecured protected health information (PHI).