What Happens When a Privacy Violation is Suspected?

Posted on by Sheryl Rosen

The Life Cycle of a Privacy Incident

Internal Investigationlife cycle of privacy incident

When UConn Health’s Office of Healthcare Compliance and Privacy (OHCP) receives notice of a potential privacy incident, they conduct interviews with employee(s), management, human resources and union(s) (if applicable). This is time-consuming and detracts from work and patient care.

Notification to Patients

If an investigation shows that a breach has occurred, the law requires UConn Health to send a detailed notification letter to each patient whose protected health information (PHI) was compromised. This can significantly erode our patients’ trust in UConn Health.

Disciplinary Action

Privacy violations may result in disciplinary action up to and including termination from your position at UConn Health.

Notification to Regulators

UConn Health must notify the federal government, and in some cases the Connecticut Office of the Attorney General and other regulators (including in other states) about the breach.

Government Investigation

Reporting a breach may result in a lengthy government investigation that requires significant time and resources to manage and places our practices under a government microscope.

Fines and Negative Publicity

Not only do privacy breaches expose UConn Health to potential fines; they attract media attention and may cause reputational harm.

Education and Guidance

OHCP offers education and guidance to individuals and departments that have privacy-related questions or concerns. Invite us to your next staff or department meeting for a privacy refresher or question-and-answer session!

Let’s Partner in Privacy!

Please contact us immediately if you suspect or know about a privacy issue or incident. The sooner we know, the more helpful we can be.