Attorney Karen McKeithen Schaede has worked with the Health Insurance Portability and Accountability Act since its inception in 2003. The two parts of HIPAA — security and privacy — can seem daunting, but both parts are designed to protect individuals treated in the health care system.
Most health care providers are considered “covered entities,” defined as an entity that transmits certain health information in electronic form. “Covered entity” information is found at www.dhs.gov.
Violation of HIPAA privacy regulations can subject covered entities to fines of varying amounts depending on the severity of the violation. Our health care team can help prevent or mitigate violations and can clarify any misconceptions regarding HIPAA regulations. Additionally, our attorneys can assist health care providers in developing policies and procedures to comply with the law.
First, we perform a risk analysis so that the provider can see the gaps in policies and what is required by law. Then we assist the provider in drafting written policies and procedures for compliance. Once written policies are in place, we can assist in the training of all staff members on the new policies and procedures. More information on the rule can be found at https://www.hhs.gov/ocr.hipaa/privrulepd.pdf.
Due to stiffer penalties in recent years, it is essential for a health care provider to have a plan in place to meet all regulatory requirements. Our health care team is available, usually for a flat fee, to assist you in this process to keep up with the latest regulations.
Contact our office for assistance in developing your practice’s plan, updating your current plan or training your staff.