Under HIPAA Omnibus final rule a breach is presumed following every impermissible use or disclosure of Protected Health Information (PHI). Covered entities and business associates must demonstrate, through a properly conducted and documented risk assessment, that there is a low probability of compromise of the affected data/PHI.
The following two tabs change content below.
Alan J. Roth, CISA, is a retired United States Postal Inspector with experience in investigations, audit (financial, contract and developmental/information technology), digital forensics, and IT security. As a Program Manager for the Postal Inspection Services Digital Evidence Unit, Alan led a team of Forensic Analysts specializing in computer, video and audio analysis for nine years, supporting criminal investigations around the U.S. In this capacity Alan testified in Federal court as a Computer Forensic expert on several occasions.