The Life Cycle of a Privacy Incident
Internal Investigation
When UConn Health’s Office of Healthcare Compliance and Privacy (OHCP) receives notice of a potential privacy incident, they conduct interviews with employee(s), management, human resources and union(s) (if applicable). This is time-consuming and detracts from work and patient care.
Notification to Patients
If an investigation shows that a breach has occurred, the law requires UConn Health to send a detailed notification letter to each patient whose protected health information (PHI) was compromised. This can significantly erode our patients’ trust in UConn Health.
Disciplinary Action
Privacy violations may result in disciplinary action up to and including termination from your position at UConn Health.
Notification to Regulators
UConn Health must notify the federal government, and in some cases the Connecticut Office of the Attorney General and other regulators (including in other states) about the breach.
Government Investigation
Reporting a breach may result in a lengthy government investigation that requires significant time and resources to manage and places our practices under a government microscope.
Fines and Negative Publicity
Not only do privacy breaches expose UConn Health to potential fines; they attract media attention and may cause reputational harm.
Education and Guidance
OHCP offers education and guidance to individuals and departments that have privacy-related questions or concerns. Invite us to your next staff or department meeting for a privacy refresher or question-and-answer session!
Let’s Partner in Privacy!
Please contact us immediately if you suspect or know about a privacy issue or incident. The sooner we know, the more helpful we can be.