According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?

Posted by: Pdfprep Category: CIPP-US Tags: , ,

A covered entity suffers a ransomware attack that affects the personal health information (PHI) of more than 500 individuals.

According to Federal law under HIPAA, which of the following would the covered entity NOT have to report the breach to?
A . Department of Health and Human Services
B . The affected individuals
C . The local media
D . Medical providers

Answer: D

Explanation:

Reference: https://www.hhs.gov/sites/default/files/RansomwareFactSheet.pdf (page 6)

Leave a Reply

Your email address will not be published.