News

Errol J. King Jr. Named General Counsel of AAPPO

Baker Donelson Ranked Fifth on American Health Lawyers Association's List of Largest Health Care Law Firms
Publications

New Health IT Privacy and Security Guide Issued

HHS Releases Proposed Changes To HIPAA Privacy, Security And Enforcement Rules

Action Items For HITECH Act Compliance
Related Practices

Health Law

HIPAA

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) profoundly changed health care privacy requirements and patient privacy rights. A nearly four-year period of regulatory rulemaking culminated in the HIPAA transaction and code set regulations that mandate uniform formats and coding for electronic health care transactions, such as insurance eligibility determinations and claims presentments and payments. In the move to standardize electronic transactions, the privacy and security regulations were also federally mandated to regulate the privacy of patient health data and to require certain entities to implement physical, administrative and technical privacy and security policies and procedures in order to deter unauthorized access, use or disclosure of oral, written and electronic protected health information (PHI). With the enactment of the HITECH Act came an expansion of the HIPAA Privacy and Security requirements and an increase in the potential civil and criminal penalties that may be assessed. The Breach Notification Interim Final Rules soon followed requiring certain entities to notify patients, the government and even the media of certain breaches of unsecured PHI.

Baker Donelson's Health Law attorneys have carefully tracked and mastered HIPAA's intricacies to provide authoritative counsel to health care clients as they undertake the demanding compliance burdens of the Act and its rules. The four main categories of these services are:

Assessing and implementing HIPAA compliance plans, including form documents, on-site visits and training;
Providing legal services for covered entities, vendors and service providers (business associates), to defend patient complaints and mitigate the damage of costly breaches;
Providing counsel to assist clients in breaches of unsecured PHI notification, reporting and documentation processes; and
Defending entities in governmental investigations/actions and private causes of action for alleged state and federal privacy violations.

Representative HIPAA Matters

Drafted hundreds of compliance programs for large and small covered entities and business associations across the country.
Defended numerous entities in Office for Civil Rights and Department of Justice investigations of breaches and other Privacy and Security violations -- to date resulting in no penalties of any type having been assessed.
Defended entities in state law privacy actions resulting in minimal settlements.