Top Menu

HIPAA Security Reminder of the Week

Breach of PHI Assessment 4-Factor Requirement

Do you think there’s been a breach of PHI?


Follow these guidelines to determine if PHI has been compromised:

  1. Look at the nature and extent of the PHI involved, including the types of identifiers and the likelihood of re-identification.
  2. Find out who accessed the PHI. Was the person unauthorized who used the PHI? Was the person to whom the disclosure was made authorized to accept it?
  3. Was the PHI actually acquired or viewed?
  4. What is the extent to which the risk to PHI has been mitigated?

Report the breach to your HIPAA Security Officer.