HIPAA Breach Toolkit

Patient information is increasingly at risk of being inappropriately disclosed. This could occur through such events as loss or theft of a paper record or mobile device (laptop, tablet, cell phone) that contains protected health information (PHI), theft of office computers or servers, inappropriate access to PHI by staff or external individuals, or ransomware or other types of hacking attacks. This toolkit is designed to guide practice executives through the process of determining if a reportable breach occurred and the steps to take if the organization determines that a breach did occur.