HIPAA BREACH NOTIFICATION LETTER
NOTICE OF DATA BREACH INVOLVING PROTECTED HEALTH INFORMATION
SENDER INFORMATION
Covered Entity Name: [________________________________]
Address: [________________________________]
City, State, ZIP: [________________________________]
Contact Person: [________________________________]
Title: [________________________________]
Phone: [________________________________]
Email: [________________________________]
Toll-Free Number: [________________________________]
RECIPIENT INFORMATION
Date of Notice: [__/__/____]
Recipient Name: [________________________________]
Address: [________________________________]
City, State, ZIP: [________________________________]
IMPORTANT NOTICE REGARDING YOUR PROTECTED HEALTH INFORMATION
Dear [________________________________]:
We are writing to inform you of an incident that may have affected the privacy and security of your protected health information (PHI). We take the protection of your information very seriously and are providing this notice in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.
SECTION 1: DESCRIPTION OF THE BREACH
What Happened
[________________________________]
[________________________________]
[________________________________]
[________________________________]
Date of Breach
Date the breach occurred: [__/__/____]
Date the breach was discovered: [__/__/____]
How the Breach Was Discovered
[________________________________]
[________________________________]
[________________________________]
SECTION 2: TYPES OF INFORMATION INVOLVED
The following types of protected health information may have been accessed, acquired, used, or disclosed as a result of this breach:
☐ Full Name
☐ Date of Birth
☐ Social Security Number
☐ Address
☐ Phone Number
☐ Email Address
☐ Medical Record Number
☐ Health Insurance Information
☐ Account Number
☐ Diagnosis/Condition Information
☐ Treatment Information
☐ Prescription Information
☐ Laboratory Results
☐ Clinical Notes
☐ Financial Information
☐ Credit/Debit Card Information
☐ Driver's License Number
☐ Other: [________________________________]
SECTION 3: STEPS YOU SHOULD TAKE TO PROTECT YOURSELF
We recommend you take the following steps to protect yourself from potential harm:
Monitor Your Accounts
☐ Review statements from your health insurer and healthcare providers for any services you did not receive
☐ Monitor your credit reports for any unusual activity
☐ Review your Explanation of Benefits (EOB) statements carefully
Credit Monitoring and Fraud Protection
☐ Consider placing a fraud alert on your credit files
☐ Consider placing a credit freeze (security freeze) on your credit reports
☐ Request a free credit report from each of the three major credit bureaus
Credit Bureau Contact Information:
| Bureau | Phone | Website |
|---|---|---|
| Equifax | 1-800-525-6285 | www.equifax.com |
| Experian | 1-888-397-3742 | www.experian.com |
| TransUnion | 1-800-680-7289 | www.transunion.com |
Report Suspected Identity Theft
If you believe you are the victim of identity theft or medical identity theft:
☐ File a report with the Federal Trade Commission (FTC) at www.identitytheft.gov or call 1-877-438-4338
☐ File a police report with your local law enforcement agency
☐ Contact your healthcare providers to review your medical records for any inaccuracies
Complimentary Services Offered
[________________________________] is offering the following complimentary services to affected individuals:
☐ Credit monitoring service for [____] months
☐ Identity theft protection service for [____] months
☐ Identity restoration services
☐ Other: [________________________________]
To enroll in these services:
Enrollment deadline: [__/__/____]
Enrollment website: [________________________________]
Enrollment code: [________________________________]
Enrollment phone number: [________________________________]
SECTION 4: WHAT WE ARE DOING
Investigation Actions
☐ Conducted a thorough investigation of the incident
☐ Engaged third-party forensic experts to assist with the investigation
☐ Determined the scope and nature of the breach
☐ Notified law enforcement agencies
☐ Reported the breach to the U.S. Department of Health and Human Services
Remediation and Prevention Measures
We have taken or are taking the following steps to prevent future incidents:
☐ Enhanced security measures and controls
☐ Implemented additional technical safeguards
☐ Provided additional training to workforce members
☐ Reviewed and updated policies and procedures
☐ Strengthened access controls
☐ Other measures: [________________________________]
SECTION 5: CONTACT INFORMATION
If you have questions about this incident or would like additional information, please contact us using the following methods:
Dedicated Hotline: [________________________________]
Hours of Operation: [________________________________]
Email: [________________________________]
Mailing Address:
[________________________________]
[________________________________]
[________________________________]
Website for Updates: [________________________________]
SECTION 6: ADDITIONAL INFORMATION
Your Rights
Under HIPAA, you have the right to:
- Request a copy of your medical records
- Request an amendment to your medical records if you believe they contain errors
- Request an accounting of disclosures of your PHI
- File a complaint with our Privacy Officer or the U.S. Department of Health and Human Services
Filing a Complaint
If you believe your privacy rights have been violated, you may file a complaint with:
Our Privacy Officer:
[________________________________]
[________________________________]
[________________________________]
U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
www.hhs.gov/ocr/privacy/hipaa/complaints/
CLOSING
We sincerely regret any inconvenience or concern this incident may cause you. Protecting the privacy and security of your information is a top priority, and we are committed to maintaining your trust.
Sincerely,
[________________________________]
Signature
[________________________________]
Printed Name
[________________________________]
Title
[__/__/____]
Date
INTERNAL USE ONLY - DO NOT INCLUDE IN MAILED NOTICE
Notification Tracking
Individual Notification:
- Date sent: [__/__/____]
- Method: ☐ First-class mail ☐ Email (with consent) ☐ Substitute notice
- Tracking number: [________________________________]
Media Notification (if applicable - breaches affecting 500+ residents of a state):
- Required: ☐ Yes ☐ No
- Date sent: [__/__/____]
- Media outlets notified: [________________________________]
HHS Secretary Notification:
- Date submitted: [__/__/____]
- Breach portal submission ID: [________________________________]
State Attorney General Notification (if required):
- States notified: [________________________________]
- Date(s) sent: [__/__/____]
SOURCES AND REFERENCES
Do more with Ezel
This free template is just the beginning. See how Ezel helps legal teams draft, research, and collaborate faster.
AI that drafts while you watch
Tell the AI what you need and watch your document transform in real-time. No more copy-pasting between tools or manually formatting changes.
- Natural language commands: "Add a force majeure clause"
- Context-aware suggestions based on document type
- Real-time streaming shows edits as they happen
- Milestone tracking and version comparison
Research and draft in one conversation
Ask questions, attach documents, and get answers grounded in case law. Link chats to matters so the AI remembers your context.
- Pull statutes, case law, and secondary sources
- Attach and analyze contracts mid-conversation
- Link chats to matters for automatic context
- Your data never trains AI models
Search like you think
Describe your legal question in plain English. Filter by jurisdiction, date, and court level. Read full opinions without leaving Ezel.
- All 50 states plus federal courts
- Natural language queries - no boolean syntax
- Citation analysis and network exploration
- Copy quotes with automatic citation generation
Ready to transform your legal workflow?
Join legal teams using Ezel to draft documents, research case law, and organize matters — all in one workspace.