Ensuring Transparency: Language to Avoid in HIPAA Breach Notifications
Health IT Security
HIPAA-required breach notifications in the wake of a security incident continue to be an Achilles’ heel for the healthcare sector. Many notices appear laden with flowery language that makes light of an incident to protect an entity’s reputation, rather than transparent phrasing that protects patient privacy.
In an age where double extortion, i.e. data exfiltration, runs rampant in the industry, it’s never been more crucial for providers to issue notifications that not only tick the boxes for compliance purposes, but also give patients a chance to fully comprehend an incident and its potential impact for future cybercrimes.
TRANSPARENCY FAILURES AND PRIVACY IMPLICATIONS
Reports show that...