HIPAA Policy Section 7.8: Right to Breach Notifications

Document Description

System will make every effort to secure an I ndividual’s health informat ion, including the use of encryption whenever possible and that in the event that any such medical information that has not been encrypted is the subject of a Breach, System will provide each affected Individual a written or electronic about the Breach as required by federal law. System shall give Individuals the right to adequate notice of the Uses and Disclosures of PHI that may be made by System as a Hybrid Entity, and of the individual’s rights and System's legal duties with respect to such PHI.

The System policy, INT 165, for responding to and investigating Breaches involving PHI, as well as for providing notices to Individuals affected by such a Breach is referenced in Policy 3 of this Manual.


45 C.F.R. CFR Part 164, Subpart D


Release Date

Responsible Office(s)

Employee Benefits

Document Type