Privacy & Security of Health Information

Request Proposal
Want to get our alerts?

Click “Subscribe Now” to get attorney insights on the latest developments in a range of services and industries.

Complex and ever-changing federal and state health information privacy and security laws affect many participants in the health care industry. Understanding these laws can be complicated, and failing to comply with them carries stiff penalties.

Dickinson Wright’s interdisciplinary health care privacy and security team helps clients understand and comply with laws addressing the privacy and security of health care information, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the regulations promulgated thereunder such as, the Privacy, Security and Breach Notification Rules. Dickinson Wright’s privacy and security team remains up to date on revisions and new guidance under privacy and security laws including, for example, the Health Information Technology for Economic and Clinical Health Act (HITECH) and the HIPAA Omnibus Final Rule.

Our attorneys regularly counsel clients on minimizing privacy and security risks and offer strategic guidance on the many day-to-day issues associated with assuring the privacy and security of health information.

Among our areas of privacy and security expertise are:

Business Associate Agreements. Business associate agreements for all types of health care industry participants, including health care providers and suppliers, billing companies, software companies involved in the health care industry, case management, and billing software vendors.
Policies and Procedures. Developing HIPAA privacy and security policies and procedures for “Covered Entities” under HIPAA.
Breach Notification. Risk assessments under the Breach Notification Rule, and counseling clients regarding breaches, remediation, crisis management, and reporting and notification obligations.
Employee Training. Providing annual or more regular HIPAA compliance training to our clients’ workforce members.
Government Investigations. Assisting clients with government investigations, reviews, litigation and transaction-related issues when privacy or data security is compromised or at risk.
HIPAA Forms. Developing, reviewing and updating Notices of Privacy Practices and other forms required by HIPAA in the patient intake process.
Electronic Medical Record Systems. Advising on privacy and security issues associated with transitioning to electronic medical record systems.
Health Information Exchanges. Addressing privacy and security concerns when developing or participating in health information exchanges.

We also advise clients regarding a wide array of health care IT-related issues including:

• “Meaningful use” requirements
• IT asset acquisitions (including licensing)
• Risk insurance (e.g., cyber risk, data breach, among others)
• Health care-related data storage, including outsourcing and cloud computing
• E-billing requirements

HIPAA Insights and Developments

HIPAA Basics 
HIPAA Update – Significant Omnibus Rule Changes 
Responding to Requests for Information 
HIPAA Enforcement Past, Present and Future 

Have a question or want to connect?