Share “Health care providers must notify patients...”

Health care providers must notify patients of breach

Attorney Cori Loomis of Crowe & Dunlevy discusses what Oklahomans should do if they fear their identities are at risk.
Oklahoman Published: August 20, 2014

Q&A with Cori H. Loomis

Health providers must notify

patients of identity theft breach

Q: The recent news reports that Chinese hackers stole 4.5 million patient names, Social Security numbers, addresses, birthdays and telephone numbers from Community Health Systems, which operates 206 hospitals across the U.S., including 10 in Oklahoma, has highlighted the risks associated with identity theft and its consequences. Will patients whose information was stolen be notified?

A: Yes. Health care providers are required by the Health Insurance Portability and Accountability Act (HIPAA) to notify patients when their protected health information is compromised as a result of a breach. However, HIPAA permits providers as much as 60 days to notify. Therefore, consumers should be proactive in trying to minimize any negative ramifications.

Q: What are the risks to consumers of having their Social Security numbers (SSNs) stolen?

Continue reading this story on the...

by Paula Burkes
A 1981 journalism graduate of Oklahoma State University, Paula Burkes has more than 30 years experience writing and editing award-winning material for newspapers and healthcare, educational and telecommunications institutions in Tulsa, Oklahoma...
+ show more


  1. 1
    Police standoff with armed man ends peacefully in Owasso
  2. 2
    Skiatook Lake update; Oklahoma records wettest month ever
  3. 3
    Best ever? Kendrick Perkins says LeBron James needs 'a couple more titles and that's it'
  4. 4
    Jenks man jailed after failing to pay for dinner at Tulsa restaurant
  5. 5
    Lincoln Riley's arrival makes ESPN's list of 100 things to look forward to in 2015
+ show more