March 1, 2022, is the date by which HIPAA-covered entities must notify the U.S. Department of Health and Human Services Office for Civil Rights (OCR) of “small” breaches of unsecured protected health information that were discovered during calendar-year 2021. A small breach involves fewer than 500 individuals. HIPAA Small Breach Notification Requirements HIPAA requires covered […]