CA Dentist Notifies Patients About Stolen Hard Drives

CA Dentist Notifies Patients About Stolen Hard Drives

Posted by Amy Wood on Aug 15 2016, 11:14 PM

CA Dentist Notifies Patients About Stolen Hard Drives

A few weeks ago yet another California dentist submitted a notification letter to the California Attorney General as required.  Unfortunately, this is another example of when doctors choose to DIY breach mitigation -- and fail.

I see notification letters like this when doctors call their insurance company and they are advised to write a letter with direct contact information and to tell their patients to pay for their own credit monitoring.

This Dr. should expect pushback from patients and possibly lawsuits under Private Right of Action.  Most California residents have had some kind of breach (Target, Home Depot etc.) and have received notification letters that are correct and offer credit monitoring services.

There is a particular way to report a breach and notify patients.  This is not it.  The biggest thing I have learned about HIPAA is that when doing breach mitigation, there are a lot of ways to do it wrong and those usually happen when people try to save money by doing mitigation themselves.


https://oag.ca.gov/ecrime/databreach/reports/sb24-63351

Share On

Leave A Reply

Please fill all the fields.

Talk to our experts

Start your journey to compliance by directly interacting with our experts. With extensive years of experience in making dental practices HIPAA Compliant, we provide everything from start to finish to make you compliant, safe, secure, and confident against data breach. Look no further, begin your training today by scheduling a class with our experts!