Did your organization have any HIPAA breaches of unsecured PHI affecting fewer than 500 individuals in 2014? If so, the deadline to report these breaches to the Secretary of Health and Human Services' Office of Civil Rights (OCR) is March 1, 2015.
HIPAA breaches of unsecured PHI affecting fewer than 500 individuals must be reported to the Secretary within 60 calendar days of the end of each year. These breaches are reported online using the following form (submit one notice for each breach).
Note: HIPAA breaches affecting 500 or more individuals must be reported "without unreasonable delay and in no case later than 60 calendar days from the discovery of the breach." See the OCR website for more information.