The Attorney's Role in Healthcare Data Breaches


Data breaches are becoming increasingly common because of the delicate information one can obtain from computer systems. Many companies rely on their attorneys to determine whether or not a breach should be reported. The attorney should examine three important questions before advising a client how to handle the breach:

  1. How important is this compared to the other matters on my to do list?
  2. How thorough can I be with the advice for the client?
  3. Can I give the client more detailed advice on mitigation?


The attorney should make the breach a top priority and work with the client to address it. It must be done quickly because one does not want a lot of time to pass before notifying affected individuals. Moreover, the attorney should advise the client on possible options or steps the organization may take. Lastly, the attorney should have a role in the breach's mitigation (i.e. the company should update its risk assessment or the company needs to conduct a gap analysis). The organization should be better educated on cybersecurity and be better informed.

Summary by Caroline Smith

To read more from Caroline click here

To read more from click here

Caroline Smith is currently a senior at the University of Notre Dame and is a contributor to Medical Groups. She is majoring in Science-Business and Spanish. After graduation, Caroline plans on entering the field of healthcare consulting. She is most interested in the evolving policy changes in the healthcare industry and enjoys learning about new technologies that are being developed.