Breaching The Cloud:
Crucial Action Points You Must Follow
Published on Fri Dec 21, 2012
What are your responsibilities versus your BA’s? You have a lot of issues to consider for moving your medical information to cloud storage. Beyond the preliminary issues, you also need to be prepared for the worst case scenario: a breach of your patients’ protected health information. The biggest part of your responsibility when there’s a breach -- an unauthorized access to unsecured data that compromises the security or privacy of PHI -- is a "notice requirement," says Wayne J. Miller, Esq., founding partner of the Compliance Law Group in Los Angeles. Under the Health Information Technology for Economic and Clinical Health (HITECH) Act, you must issue this notice to alert any individuals to the unauthorized access to their PHI. In some cases, you have to notify only the patients affected by the breach. But in other cases where a breach affects or may potentially affect a large number of people -- typically 500 [...]