Next up in our series of advisories relating to emerging issues under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), previous installments of which can be found here and here, Adam Greene looks at a recent proposed HIPAA Privacy Rule expansion that would significantly impact financial institutions that  serve as "business associates" to HIPAA-covered entities, by potentially requiring them to furnish lists of their employees to those entities’ patients/enrollees.  The advisory can be found here.