HIPAA Breach Notification Letter Template
Download the free HIPAA breach notification letter template
Download free resource
Enter your email below to access this resource.
By entering your email address, you are opting-in to receive emails from SimplePractice on its various products, solutions, and/or offerings. Unsubscribe anytime.
This free HIPAA breach notification letter template is essential to inform clients and report HIPAA breach incidents in your private practice.
As a healthcare provider or private practice business owner, if a HIPAA violation occurs, it’s your responsibility to take the necessary steps to report it to your clients or patients. The correct way to inform them is by sending out a HIPAA breach notification letter.
To help make this process easier, we’ve created a free HIPAA breach notification letter template you can download and use to alert those affected, in case of a breach.
What is considered a HIPAA breach?
Federal regulations define a HIPAA breach as “the acquisition, access, use, or disclosure of protected health information (PHI) in a manner not permitted…which compromises the security or privacy of the protected health information.”
If a HIPAA violation is identified, healthcare providers and private practice owners must inform affected clients and patients within 60 days following the discovery of a breach.
What to include in a HIPAA breach notification letter
To create your specific HIPAA breach notification letter to send to your clients, first download our sample HIPAA breach notification letter template.
Next, fill in the necessary information to ensure this HIPAA breach notification letter accurately describes the breach incident. Be sure to include your practice name and address. You can customize this template as needed.
According to the U.S. Department of Health and Human Services, HIPAA breach notification communications must include (to the extent possible):
You cannot omit information based on uncertainty. If, for example, client payment information may have been breached, you must indicate that. It’s important that you follow these strict guidelines to remain HIPAA compliant.
According to a 2020 HIPAA Audit Report, only 3% of covered entities were HIPAA compliant.
In addition to using this HIPAA breach notification letter template, there are additional steps practitioners can take to ensure they are HIPAA-compliant. Check out The Key to HIPAA-Compliant Emails, How to Ensure HIPAA-Compliant Billing, and What Does It Mean for a Therapist to Be HIPAA Compliant? You can also take one of our two SimplePractice Learning Courses—HIPAA Compliance for Group Practices and Private Practice or Ongoing HIPAA Compliance for Therapists.
- a short description of the breach
- the types of information that were involved in the breach
- the steps affected individuals should take to protect themselves from potential harm
- A brief description of what the covered entity (i.e. your practice) is doing to investigate the breach, mitigate harm, and prevent further breaches
- contact information for the covered entity (i.e. you and/or your practice)
When filling out the HIPAA breach notification letter template, be sure to only include statements that you are highly confident are accurate in your specific situation.
Stay secure with HIPAA-compliant client messaging
SimplePractice practice management software is an EHR system that includes HIPAA-compliant Secure Messaging that makes it easy to securely communicate with your clients and team members.
Try SimplePractice free for 30 days. No credit card required.