The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets forth policies, procedures and guidelines for maintaining both the privacy and security of individually identifiable health information as well as outlines numerous offenses relating to health care and sets civil and criminal penalties for violations.

The HIPAA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes.

The HIPAA Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity, and availability of electronic protected health information.

The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted in 2009, as well as the Final HIPAA Omnibus Rule (2013) addresses the privacy and security concerns associated with the electronic transmission of health information, in part, through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.

At Udall we:

  • Assist health care providers in handling and investigating HIPAA complaints
  • Defend health care providers in investigations by the HHS/Office for Civil Rights
  • Assist health care providers with breach analysis and breach notifications
  • Develop HIPAA complaint policies and business associate agreements for health care providers
  • Conduct training with health care providers and their staff on HIPAA’s Privacy Rule

Udall Law Firm lawyers that practice HIPAA / HITECH Law – click here