HIPAA Compliance
Our HIPAA Compliance Attorneys Understand the Federal and State Laws Healthcare Providers Face
The attorneys at Lubell Rosen have an in-depth understanding of the complex and ever-changing federal and state laws governing the activities of healthcare providers. Our attorneys work with healthcare professionals, medical practices, hospitals, pharmacies, healthcare clinics and many other businesses and organizations operating throughout the healthcare industry to develop policies and procedures that ensure compliance with these strict and exhaustive requirements. In particular, our healthcare law attorneys advise clients on all types of privacy and security matters related to the Health Insurance Portability and Accountability Act (HIPAA) as well as the Health Information Technology for Economic and Clinical Health Act (HITECH) and The Florida Information Protection Act of 2014, a Florida state law governing privacy rules for entities handling personal information.
Overview of The Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes national privacy standards addressing the use, storage and sharing of protected health information (PHI) by covered entities (healthcare providers, health plans and health care clearinghouses). HIPAA also sets forth a national set of security standards governing electronic protected health information (ePHI). Under HIPAA, the U.S. Department of Health and Human Services Office for Civil Rights (HHS OCR) is charged with the responsibility of enforcing these highly complex privacy and security rules. In 2009, the U.S. government expanded the privacy and security requirements for health records and information through the enactment of The Health Information Technology for Economic and Clinical Health (HITECH) Act. In part, this Act places additional obligations and requirements upon covered entities related to the electronic transmission of health information by strengthening civil and criminal enforcement activities under HIPAA. In 2013, the rules for covered entities regarding the safeguarding of protected health information were further extended and the Acts were expanded to require “business associates” (including non-healthcare professionals and others) working with covered entities to establish HIPAA compliance programs to ensure that any protected health information they receive is properly protected. Our firm regularly tracks and analyzes important legal developments that may impact members of the healthcare profession. To learn about recent updates and amendments to HIPAA/HITECH Acts please visit our News and Resources page.
Developing Effective Compliance Strategies
The legal team at Lubell Rosen appreciates the confusion and frustration surrounding both HIPAA and the HITECH Act. We know that the extensive security and privacy requirements set forth in these Acts can be challenging for healthcare providers to comprehend and navigate. Our health law attorneys are committed to educating clients and ensuring that they fully understand HIPAA’s complex rules and procedures. We regularly work with medical providers, healthcare institutions, businesses and other entities operating throughout the healthcare industry to develop and implement compliance programs that meet HIPAA’s strict requirements. Our attorneys provide a complete range of HIPAA compliance services, including:
- Developing HIPAA security and privacy compliance plans and procedures
- Reviewing and drafting HIPAA compliant forms and notices
- Preparing and reviewing agreements with business associates
- Conducting internal risk assessments
- Providing HIPAA training programs for healthcare professionals and employees
- Assisting in interpreting HIPAA rules and regulations
- Advising on breach notification requirements
- Responding to patient complaints involving privacy and security issues
- Developing action plans for surveys, audits and investigations
- Defending clients in lawsuits and disciplinary actions
Lubell Rosen has years of experience providing cost-effective and practical solutions to healthcare providers and other organizations struggling to comply with HIPAA’s privacy and security rules. We are a full service law firm and whether we are assisting a medical office in developing HIPAA compliant forms or advising a healthcare provider on how to best respond to a potential security or privacy violation, our legal team is committed to helping clients to develop strategies that resolve their HIPAA issues as quickly and effectively as possible.