For all licensed health care professionals, the privacy and security of a patient’s health information is of utmost importance. We at Chapman Law Group are national medical compliance attorneys, with 35 years of experience in counseling clients all over the U.S. on potential data breaches under the Health Insurance Portability and Accountability Act (“HIPAA”), and other privacy and security laws.
We work to develop and execute a data breach response plan, including reporting to federal, state and local governmental agencies, responding to formal agency investigations, and putting a strategy together if your practice may have violated the HIPAA Breach Notification Rule.
If you believe there has been a breach to the security or privacy of protected health information (“PHI”), or whether your healthcare practice committed a HIPAA violation, contact a HIPAA compliance lawyer at Chapman Law Group immediately.
Our national healthcare compliance attorneys — who specialize in HIPAA violations, HIPAA reporting, and HIPAA privacy matters, and are based in Michigan, Florida, and California — will help you with an investigation into the breach and getting notifications sent out in a timely manner to those impacted.
The HIPAA Breach Notification Rule, 45 CFR §§ 164.400-414, originally published in August 2009, is an extremely important, but often overlooked HIPAA provision.
A breach (or compromise) to the security or privacy of PHI is defined by the U.S. Department of Health & Human Services (“HHS”) as acquisition, access, use or disclosure that “poses a significant risk of financial, reputational or other harm to the individual.”
Among other things, the HIPAA Breach Notification Rule requires health care providers to demonstrate to HHS that he/she has taken appropriate remedial measures following the discovery of a breach or disclosure of unsecured PHI. Providers who can demonstrate such may avoid or limit their liability related to the alleged breach.
Remedial measures include notice to patients and others of the impermissible use or disclosure that compromised the security or privacy of the PHI.
In January 2013, HHS published a final rule, including modifications to HIPAA’s Privacy and Security Rules. A main area affected by this update was the addition of obligations on providers and their business associates to identify and report breaches of PHI.
Under the previous “harm standard,” providers had discretion as to whether a breach was reportable, based on whether that breach would result in a significant risk of financial or reputational harm. But HHS decided to change the “harm standard” due to its inconsistent application by providers.
The new standard, as announced in the final rule, presumes that any unauthorized use or disclosure of unsecured PHI is a reportable breach. Providers can rebut that presumption only by determining there is a low probability that the PHI has been compromised.
In addition, providers must know when their business associates are required to notify them if a breach occurs at, or by, the business associate.
If you believe that a breach of PHI may have occurred, we at Chapman Law Group are here to assess your situation and advise you on the next steps to take for HIPAA compliance.
Our lawyers can help you understand HIPAA violation reporting and HIPAA privacy matters, and our healthcare compliance consulting attorneys are here to set up protocols for breach prevention at your healthcare practice.
With four national offices — in Detroit (for Metro Detroit, Lansing, Ann Arbor, Kalamazoo, Grand Rapids, Dearborn, Flint, Troy, and all across the state of Michigan); Sarasota, Florida, and Miami (serving Jacksonville, Tampa, Gainesville, Fort Lauderdale, Orlando, West Palm Beach, and all across the state of Florida); and Los Angeles/Southern California — our healthcare compliance are at the ready to advise your practice on all things HIPAA. Contact us today to learn more about us.
Our Michigan healthcare regulatory and licensing lawyers showed that the nurse had a right to access records for limited purposes in her capacity, and the patient attempted to lay the foundation for an alleged HIPAA complaint against our client.
Our healthcare compliance and healthcare employment contract attorneys helped specify rules and responsibilities between a behavioral health center a and therapist employee, and we put a corrective action plan to prevent HIPAA breaches.
If you’re invited to a wedding or some other event, and the host asks for your COVID-19 vaccination card, do HIPAA’s healthcare data privacy laws apply? We have the answers.
In “Physician Guide to Basic Compliance Concepts,” Chapman Law Group’s national healthcare compliance attorneys cover how to spot and avoid healthcare fraud, handling investigations and audits, and keeping your staff in the right.
Doctors, nurses, pain management specialists beware: Disclosure outside of the exceptions or without patient consent can result in civil, criminal penalties
Michigan OFFICE
1441 W Long Lake Road
Suite 310
Troy, MI 48098
T. 248.644.6326
F. 248.644.6324
CALIFORNIA OFFICE
5250 Lankershim Blvd.
Ste. 500
North Hollywood, CA 91601
T. 305.712.7177
FLORIDA OFFICES
6841 Energy Court
Suite 120
Sarasota, FL 34240
T. 941.893.3449
701 Waterford Way
Suite 340
Miami, FL 33126
T. 305.712.7177
Practice Areas
Attorneys
© CHAPMAN LAW GROUP. ALL RIGHTS RESERVED
