News & Insights  |  Media Mentions

Related Professionals

Practice Areas


Patricia O'Connell
Senior Communications Manager

Kirk Nahra Shares Tips for Avoiding Common Pitfalls in Data Breach Responses

Employer’s Guide to HIPAA Privacy Requirements
March 2, 2016

A presentation by Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice and co-chair of the Health Care Practice, was the focus of a recent article about common pitfalls organizations encounter when responding to data breaches.

“The biggest problem people have is when they sit too long” instead of quickly notifying the proper personnel of a potential breach, Mr. Nahra said at a conference sponsored by the International Association of Privacy Professionals. His comments were featured in the January 2016 issue of the Employer’s Guide to HIPAA Privacy Requirements.

Organizations must provide targeted training to ensure their employees would quickly take the proper steps in response to a possible breach, Mr. Nahra said. “The lowest-level people in your company can have things happen to them,” he said. “I want them to know where to go when there’s a problem.”

Another common pitfall is that organizations often focus too soon on potential notice obligations, Mr. Nahra said. “Don’t let issues about notice distract you too early on” from the broader investigation of a breach, or from fixing the problem itself, he said.