What to do After a Data Breach

May 1, 2013 – In The News
Physicians Practice

Elizabeth Litten was quoted in the Physicians Practice article “What to do After a Data Breach." While the full text can be found in the May 1, 2013, issue of Physicians Practice, a synopsis is noted below.

Regardless of how a data breach occurs, a practice’s first job is to try and stop the breach from escalating to a worse scenario.

If the breach involves a theft a practice should call the police before assessing the extent of the damage, says Elizabeth Litten, who has represented hospitals, physicians, and other providers and payers on a variety of healthcare issues.

Be sure to act as quickly as possible to fix the breach, says Litten, because if your practice is found guilty of willful neglect, it will face steeper civil money penalties. While civil penalties are between $10,000 and $50,000 per violation (resulting from willful neglect) if corrective actions take place within a 30-day trial period, if not corrected, each such violation is subject to a penalty of at least $50,000.