Our health care and employee benefit attorneys work together on addressing HIPAA privacy and security issues. In performing those services, we work with health care providers, employer sponsored group health plans and other service providers that are business associates of those covered entities.
Example of our services include:
- developing appropriate HIPAA privacy policies and procedures that are designed specifically for the client and the type of protected health information that the client creates or receives;
- developing appropriate HIPAA security policies and procedures and providing tools and guidance to the client’s IT professionals so that they can perform a complete security risk assessment;
- preparation and review of business associate agreements and notices of privacy practices;
- providing form documents for business associate agreements and HIPAA compliant authorizations;
- assisting in the evaluation of whether an improper use or disclosure of PHI constitutes a breach and assisting on any appropriate notifications;
- providing HIPAA training to members of the client’s workforce that have access to PHI;
- advising clients and researchers on the HIPAA rules that govern the use and disclosure of PHI for research purposes; and
- assisting the client in responding to inquiries from HHS or a notice of and HHS audit.