Hipaa Security Breach Report

Updated: over a week ago

HIPAA Security Breach Report

Basic Details

1. Company Name


Photo Comment

2. Company Address


Photo Comment

3. Head of IT Security - Name


Photo Comment

4. Are you the covered entity or a business associate?


Photo Comment
Identification

1. Provide a concise summary of how the breach was initially discovered (this should be written by the individual who discovered the breach, or transcribed as it is described verbally).


Photo Comment

2. State the nature and extent of the PHI involved


Photo Comment

3. Detail the nature and extent of the PHI involved.


Photo Comment

4. Details of the unauthorized person to whom the disclosure was made (name and other details).


Photo Comment

5. Was the PHI acquired or viewed by the unauthorized person?


Photo Comment

6. Were 500 or more individuals were affected by the breach?


Photo Comment

7. If a breach of unsecured protected health information affected 500 or more individuals, was the Secretary of the breach notified by a covered entity without unreasonable delay and in no case later than 60 calendar days from the discovery of the breach?


Photo Comment

8. For breaches affecting fewer than 500 individuals, a covered entity is not required to wait until the end of the calendar year to report and may report such breaches at the time they are discovered.


Photo Comment
Risk Mitigation Measures

1. Detail the extent to which the risk to the PHI has been mitigated.


Photo Comment

2. What measures have been taken to minimize damage as a result of the breach?


Photo Comment

3. To what extent has the risk of damage been mitigated?


Photo Comment
Reporting

1. The covered entity notified within 60 days of discovering the breach?


Photo Comment

2. Were affected individuals informed regarding the breach either by the covered entities or the assigned business associates?


Photo Comment

3. Please enter details regarding how and when the covered entity was notified.


Photo Comment

4. When was the notice filed to the Secretary of the HHS?


Photo Comment

5. Did the covered entity submit the notice electronically, completing all of the fields of the breach notification form?


Photo Comment

6. File the notice to the Secretary of the HHS (within 60 days)


Photo Comment

7. The covered entity must submit the notice electronically by clicking on the link below and completing all of the required fields of the breach notification form.


Photo Comment
Final Steps

1. Ensure all of the breach documentation is safely stored.


Photo Comment

2. What measures have been taken to ensure safe storage of breach documentation?


Photo Comment

Is this sample what you are looking for?
Sign up to use & customise this template, or create your own custom checklist:

Checklist by GoAudits.com – Please note that this checklist is intended as an example. We do not guarantee compliance with the laws applicable to your territory or industry. You should seek professional advice to determine how this checklist should be adapted to your workplace or jurisdiction.

goaudits app

Get started on a free trial

Seeing is believing! Try the full platform FREE for 14 days with your own data.
Or ask us to setup the system for you, at no cost.