Question: We were notified that there was a breach of HIPAA at one of the vendors we use. The vendor did follow proper protocol and written notices of the breach were sent to all of the employees. My question, is there any additional requirements for employers in this situation?
Answer from the experts at HR Hero:
If your vendor had a breach of protected health information in violation of the Health Insurance Portability and Accountability Act (HIPAA), it likely is sufficient for the vendor to provide the notification of the breach and follow the required protocol for the breach. It