Health and Human Services Interim Final Rule for Breach Notification for Unsecured Protected Health Information, provided for in the American Recovery and Reinvestment Act of 2009 (ARRA), was implemented September 23, 2009. While breach notification of an individual or group of individuals may be carried out through various methods, all applicable breaches in any medium require a notification letter with prescribed content.
Your assignment is to research an example of a healthcare information data breach and prepare a one page memo (in proper memo format) to the group of individuals who have potentially been involved to notify them of the circumstances.
Required elements must be addressed in a customized manner according to situational circumstances:
A. A brief description of what happened, including the date of the breach and the date of the discovery of the breach, if known
B. A description of the types of unsecured protected health information that were involved in the breach (such as name, Social Security number, date of birth, home address, diagnosis, or other types of information)
C. Any steps the individual should take to protect themselves from potential harm resulting from the breach
D. A brief description of what the organization is doing to investigate the breach and to protect against further breaches
E. Contact procedures for individuals to ask questions or learn additional information