Jump to Navigation

HIPAA Breach Reporting Deadline - February 29, 2016

Covered Entities are required to report breaches of unsecured Protected Health Information ("PHI") involving fewer than 500 individuals to the Office of Civil Rights ("OCR") of the federal Department of Human Services within 60 days of the end of the calendar year in which the breach occurred. Accordingly, a breach occurring in 2015 must be reported to OCR no later than February 29, 2016.

These reports can be made online via the OCR's website. The Report/Notification page can be accessed here:


If your organization identified a reportable breach in 2015, and has yet to submit a notice of the breach to OCR, you will need to do so by the February 29, 2016 deadline. If you have any questions regarding this reporting requirement, or would like guidance on preparing your report, please do not hesitate to contact David Marshall via email, or call (717) 620-2424.

No Comments

Leave a comment
Comment Information

Contact Us

Bold labels are required.

Contact Information

The use of the Internet or this form for communication with the firm or any individual member of the firm does not establish an attorney-client relationship. Confidential or time-sensitive information should not be sent through this form.


Privacy Policy

subscribe to this blog’s feed FindLaw Network


Latsha Davis & Marshall P.C.
1700 Bent Creek Boulevard, Suite 140
Mechanicsburg, PA 17050

Phone: 717-620-2424
Fax: 717-620-2444
Mechanicsburg Law Office Map

In Maryland call:
Phone: 410-727-2810