Dorsey’s extensive health care practice and client base has produced a strong parallel practice in health care privacy issues, including especially HIPAA and HITECH . Our HIPAA privacy experts counsel hospitals, physician groups, health systems, specialty boards, health care clearinghouses and health care system networks. The majority of our work in the HIPAA/HITECH area involves ensuring that our clients are in regulatory compliance and creating systems designed to prevent litigation.
Typically, we work with our clients to develop compliance programs along the following general guidelines:
- analysis of what entities are covered under the HIPAA rule;
- detailed survey and assessment of data practices to identify problem areas;
- structuring an efficient HIPAA program through the use of organized health care arrangements and affiliated covered entities;
- comprehensive reviews of business associate relationships and contracts;
- development of applicable policies, authorizations, and written documentation required for a fully compliant HIPAA privacy program;
- review and analysis of permitted uses and disclosures of protected information; and
- state law HIPAA preemption analysis.
We provide HIPAA and privacy training for the workforce members of covered entities and business associates, and we work with covered entity and business associate clients routinely to assist in the investigation of breaches and preparing breach notifications.
- We handled the amendment of hundreds of business associate agreements for a large nationwide health plan client following the enactment of the HITECH Act
- A nationwide health care client asked Dorsey to handle negotiation of the company’s business associate agreements with other law firms throughout the country.
- Dorsey has represented healthcare providers and health plans in investigations under HIPAA conducted by the Department of Health and Human Services – Office of Civil Rights.
- Dorsey regularly assists clients with drafting website policies that are HIPAA-compliant.
HIPAA/HITECH Attorney Articles
|September 5, 2013
||HIPAA Compliance Deadline is Rapidly Approaching|
|January 25, 2013
||Final HIPAA Rule Will Regulate Business Associates, Change HIPAA Breach Notification Obligations|
|July 23, 2012
||HIPAA Prvacy and Security Audits Underway |
|January 26, 2012
||Prepare for Health Plan Participant Fee|
|November 4, 2010
||Adult Day Care: The Regulatory Framework and its Future as a Medicare Home Health Service|
||Major Changes to HIPAA Security and Privacy Rules Enacted in Economic Stimulus Package, Health Lawyers News, Vol. 13, Number 6|
|April 28, 2009
||FTC and HHS Issue Important Guidance Applicable to Personal Health Record Vendors, Related Entities and Service Providers Pursuant to HITECH Act Provisions of the ARRA|
|April 14, 2009
||HITECH Changes HIPAA Privacy and Security Rules for Group Health Plans|
|April 6, 2009
||Reminder: HIPAA Privacy Notice Reminder Deadline On April 14, 2009 |
|March 30, 2009
||New Penalties of up to $50,000 per Violation for Noncompliance with Health Data Privacy and Security Rules |
|March 23, 2009
||New HIPAA Special Enrollment Rights Effective April 1, 2009|