| Health Information Technology / Privacy & Security / HIPAAOur health information technology (HIT) practice group has decades of experience helping clients plan and implement health information sharing networks and exchanges, develop practical privacy and security policies and procedures, and acquire and implement the necessary technology. Our clients include startup and mature health information exchanges (HIEs), health care providers procuring and implementing HIT as a physician alignment strategy, HIT developers and vendors, and telemedicine providers.
Deploying HIT is becoming increasingly complex. We help conceive structures and mechanisms that will encourage its growth, devise financing approaches, solve regulatory compliance challenges, and assist in developing the network of contracts and relationships necessary for successful deployment.
Our service covers the full range of legal and business issues, including:
- Regulatory requirements
- Risk management
- Governance structures
- Participation agreements
- Policies and procedures development
- Entity formation
- Contracting
- Data breach mitigation
- Requirements associated with consent policy
The challenge of HIPAA
HIPAA imposes significant constraints and complications on electronic health records and HIT programs. Although the initial implementation of HIPAA requirements is complete, there are still substantial gray areas and new challenges that develop as the law continues to be tested, interpreted and enforced. These require organizations regularly to audit, monitor and refine their policies, procedures and safeguards. Moreover, widely publicized data breaches have increased regulatory scrutiny and enforcement at both the state and federal levels. We help clients develop far-sighted yet practical and flexible compliance programs that protect them without being overly burdensome. |
| |