Measurecare Data Breach Notification Process

We take the security and data privacy of our clients very seriously. Below is our process for notifying all affected client organizations of a potential data breach.

  1. Identify the nature and extent of the PHI (protected health information) involved, including the types of identifiers.
  2. Identify the unauthorized access/account and disable it.
  3. (If PHI is involved) further identify the extent of the risk to the PHI has been mitigated.
  4. Depending on the severity of risk, web servers and databases may be disabled. 5. Notify the client organization affected.
  5. Notify the account users who may be affected by the breach.
  6. If breach requires notification to covered entities under HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414, we will comply and submit the necessary documentation.
Is article helpful?