Our HIPAA Compliance Lawyers: Your Healthcare Privacy and Security Experts

Doctor Reviewing Information on a Laptop Computer

Are You Prepared for a Potential Data Breach? Our Healthcare Attorneys Can Help You With HIPAA Violations, HIPAA Reporting, and HIPAA Privacy Matters

For all licensed health care professionals, the privacy and security of a patient’s health information is of utmost importance. We at Chapman Law Group are national medical compliance attorneys, with 35 years of experience in counseling clients all over the U.S. on potential data breaches under the Health Insurance Portability and Accountability Act (“HIPAA”), and other privacy and security laws. 

We work to develop and execute a data breach response plan, including reporting to federal, state and local governmental agencies, responding to formal agency investigations, and putting a strategy together if your practice may have violated the HIPAA Breach Notification Rule

If you believe there has been a breach to the security or privacy of protected health information (“PHI”), or whether your healthcare practice committed a HIPAA violation, contact a HIPAA compliance lawyer at Chapman Law Group immediately.

Our national healthcare compliance attorneys — who specialize in HIPAA violations, HIPAA reporting, and HIPAA privacy matters, and are based in Michigan, Florida, and California — will help you with an investigation into the breach and getting notifications sent out in a timely manner to those impacted.

What is the HIPAA Breach Notification Rule?

The HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414, originally published in August 2009, is an extremely important, but often overlooked HIPAA provision.

A breach (or compromise) to the security or privacy of PHI is defined by the U.S. Department of Health & Human Services (“HHS”) as acquisition, access, use or disclosure that “poses a significant risk of financial, reputational or other harm to the individual.”

Among other things, the HIPAA Breach Notification Rule requires health care providers to demonstrate to HHS that he/she has taken appropriate remedial measures following the discovery of a breach or disclosure of unsecured PHI. Providers who can demonstrate such may avoid or limit their liability related to the alleged breach.

Remedial measures include notice to patients and others of the impermissible use or disclosure that compromised the security or privacy of the PHI.

In January 2013, HHS published a final rule, including modifications to HIPAA’s Privacy and Security Rules. A main area affected by this update was the addition of obligations on providers and their business associates to identify and report breaches of PHI.

Under the previous “harm standard,” providers had discretion as to whether a breach was reportable, based on whether that breach would result in a significant risk of financial or reputational harm. But HHS decided to change the “harm standard” due to its inconsistent application by providers.

The new standard, as announced in the final rule, presumes that any unauthorized use or disclosure of unsecured PHI is a reportable breach. Providers can rebut that presumption only by determining there is a low probability that the PHI has been compromised.

There are many nuances to the HIPAA Breach Notification Rule, and providers must know whether they are required to notify:

    • The individual affected by the breach of unsecured PHI
    • The Secretary of HHS
    • In certain circumstances, the media

In addition, providers must know when their business associates are required to notify them if a breach occurs at, or by, the business associate.

The HIPAA Breach Notification Rule process is complex, should be executed in a timely manner, and must address these five critical questions:

      1. What is the nature and extent of the PHI involved?
      2. What types of identifiers were released and what is the likelihood of re-identification?
      3. Who was the unauthorized person who used the PHI or to whom the disclosure was made?
      4. Was the PHI acquired or viewed?
      5. To what extent can you mitigate the risks of harm?

Chapman Law Group: Your National Healthcare Attorneys for HIPAA Privacy, Security, Breach and Compliance Matters

If you believe that a breach of PHI may have occurred, we at Chapman Law Group are here to assess your situation and advise you on the next steps to take for HIPAA compliance.

Our national health care compliance lawyers at Chapman Law Group have vast experience in state and federal health care regulations and best practices across the U.S. We have a lawyer who is a former Medicare attorney, another attorney is a former Medicaid fraud prosecutor, and each of us holds an LL.M. in Health Law from Loyola University Chicago School of Law — the top school in the U.S. for healthcare law.

Our extensive experience in key areas of regulatory compliance in healthcare include:

We represent licensed medical professionals, including:

Our offices are in Detroit (where we serve the cities of Dearborn, Troy, Ann Arbor, Lansing, and Grand Rapids, as well as the entirety of Michigan); Miami and Sarasota, Florida (for Jacksonville, Tampa, Gainesville, Orlando, West Palm Beach, and the full state of Florida); Los Angeles/Southern California; and Chicago

Our lawyers can help you understand HIPAA violation reporting and HIPAA privacy matters, and our healthcare compliance consulting attorneys are here to set up protocols for breach prevention at your healthcare practice. Contact us today and let us put our know-how to work for you.

Need an Attorney? Contact us now!


  • This field is for validation purposes and should be left unchanged.


  • This field is for validation purposes and should be left unchanged.

Got A Question?

Contact me now to schedule a consultation.

Other Practice Areas​


Related Blog Posts

Best Practices for DEA Compliance

A Physician’s Guide on DEA Compliance: How to Avoid DEA Regulatory and Criminal Investigations Physicians and other health professionals face increased scrutiny from federal authorities,

Read More »

FREE Health Care Newsletter

Stay up to date on the latest news in health care law!

FREE eBook!

Click the link below to download our compliance eBook now!

Got A Question?

Contact me now to schedule a consultation.
Chapman Law Group Favicon

This website uses cookies to ensure you get the best experience on our website.

Send this to a friend