HIPAA Breach Notification

Breach Investigation and Notification Management

As a HIPAA covered entity or business associate you recognize that your patient’s, or health plan members, protected health information (PHI) is just as important as their health. But breaches of protected health information can happen when you least expect.

Discovery of a HIPAA breach – or potential breach – of unsecured protected health information can be a daunting experience. Covered entities or business associates must act quickly to begin an internal review – this is known as conducting a HIPAA Breach Risk Assessment. The follow-up notification process is complex, time-consuming, and potentially costly.

Most organizations need expertise to guide them during the Breach Notification process. PrivaPlan leverages its extensive experience conducting HIPAA Breach Risk Assessments and guiding organizations through the notification process to provide a flexible and affordable solution.

Let PrivaPlan support you with the investigation, assessment, and notification management. Or let us handle the notification process for you so that you can get back to business.

How to handle the HIPAA Breach Notification Process

HIPAA Breach Notification may require:

  • Determining if you have up-to-date contact information
  • Posting a notice on your website
  • Obtaining a toll-free number for individuals to call
  • Sending the notification
  • Notifying the Office for Civil Rights
  • And in some States, notifying the Attorney General or the Department of Health

These steps are only part of the process. With the four-factor risk assessment as required by the HIPAA Breach Notification Rule, you also need to determine if a breach occurred and the level that PHI has been compromised.

PrivaPlan can help your organization follow up a breach or incident and assist in determining if notification is required and what remedial actions are necessary. Ultimately, this will be less expensive for many covered entities and business associates than doing the work internally. Our team of HIPAA compliance experts can provide:

  1. The investigation
  2. The risk assessment and determination of probability
  3. Notification management


The most flexible solution you can have during the HIPAA Breach Notification process is from a leader in HIPAA compliance. We leverage our industry knowledge with our compassion to ease your mind and deliver results you can depend on. Contact us today to have one of our seasoned professional associates manage the notification process for you.

Be Proactive In Compliance

Access PrivaPlan Toolkit

Access CMA-PrivaPlan Toolkit

Sign up for updates