onshore outsourcing Electronic Medical Records for USA

HIPAA incident and concern form

The HIPAA Privacy and Security Rules (45 CFR 164.308(6)(i), 45 CFR 164.308(6)(ii), 45 CFR 164.530(d)(l) and 45 CFR 164.530(d)(2)) state a process to receive and document complaints regarding protected health information (PHI) and to identify and respond to concerns regarding suspected or known security incidents must exist and be implemented.

A concern is defined as a situation where more research or information is needed to determine if PHI is at risk. An example could include clarification of a HIPAA policy or procedure.

An incident is defined as a situation where HIPAA security and privacy policies or procedures have not been adhered to causing PHI to be at risk. Examples could include seeing an unauthorized, unescorted person in a secured area, someone sharing usernames and passwords, or sending PHI unencrypted in an e-mail or placing PHI on an unencrypted portable device.

If you have a concern or believe you have witnessed an incident regarding protected health information, please complete the form below or email to our HIPAA privacy officer hcobb@telegenisys.com

4 + 2 =

Pin It on Pinterest