Click “Subscribe Now” to get attorney insights on the latest developments in a range of services and industries.
In today's digital world, federal and state laws governing the privacy and security of health information affect nearly every participant in the health care industry. Understanding these laws can be complicated, and failing to comply with them carries stiff penalties.
Dickinson Wright’s interdisciplinary health care privacy and security team helps clients understand and comply with laws addressing the privacy and security of health care information, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the regulations that followed such as the Privacy, Security, and Breach Notification Rules. Our team remains up to date on revisions and new guidance under privacy and security laws including, for example, the Health Information Technology for Economic and Clinical Health Act (HITECH) and the HIPAA Omnibus Final Rule.
We regularly counsel clients on minimizing privacy and security risks and offer strategic guidance on the many day-to-day issues associated with assuring the privacy and security of health information.
Business Associate Agreements: We create business associate agreements for all types of health care industry participants, including health care providers and suppliers, billing companies, and software companies involved in the health care industry, case management, and billing software vendors.
Policies and Procedures: We assist with developing HIPAA privacy and security policies and procedures for “Covered Entities” under HIPAA.
Breach Notification: We provide risk assessments under the Breach Notification Rule, and counsel clients regarding breaches, remediation, crisis management, and reporting and notification obligations.
Employee Training: We provide annual HIPAA compliance training to our clients’ workforce members.
Government Investigations: We assist clients with government investigations, reviews, litigation, and transaction issues when privacy or data security is compromised or at risk.
HIPAA Forms: We develop, review, and update Notices of Privacy Practices and other forms required by HIPAA in the patient intake process.
Electronic Medical Record Systems: Advising on privacy and security issues associated with transitioning to electronic medical record systems.
Health Information Exchanges: We address privacy and security concerns when developing or participating in health information exchanges.
• “Meaningful use” requirements
• IT asset acquisitions, including licensing
• Risk insurance, including cyber risk and data breaches, among others
• Data storage, including outsourcing and cloud computing
• E-billing requirements