Overview
We assist employers, managed care plans, insurers, health care providers and vendors in addressing the Health Insurance Portability and Accountability Act (HIPAA). Locke Lord health care attorneys have a thorough understanding of all HIPAA requirements. We also have extensive knowledge of the systems, software and security that dictate how electronic health and benefit information is coded, stored, retained and communicated. This knowledge is crucial in helping clients avoid costly legal sanctions. We assist HIPAA-covered entities with the following:
- Preparing and implementing privacy and security policies and procedures to ensure that Protected Health Information (PHI), (including HIV/AIDS records and related medical testing information) is kept private and secure.
- Preparing business associate agreements and confidentiality clauses.
- Creating internal training and educational programs for handling PHI and assistance in implementing compliance plans.
- Assisting sponsors of ERISA self-insured plans in amending plan documents for HIPAA compliance.
- Advising on potential HIPAA compliance violations and responses, including questions of potential identity theft and potential security breaches.
- Representing health care organizations in updating company documents to ensure compliance with HIPAA and state privacy and security laws.
- Revising and updating privacy and security policies and procedures and business associate agreements in response to the HITECH Act and its implementing regulations.
- Preparing and implementing privacy and security policies for business associates.
- Advising clients regarding analysis, notification and reporting following a potential security breach.