Personal laptop, possibly containing data on 5M patients, stolen from HHS facility

Just curious, but if the Department of Health and Human Services (HHS) commits or experiences a HIPAA-related data breach, do they have to call themselves and self-report?  In all seriousness, this is a tremendous amount of PHI lost.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s