HIPAA / Health Privacy & Security
Arent Fox began advising clients in matters involving the privacy and security of health information long before the final promulgation of the Privacy and Security Standards under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). In fact, we represented clients before Congress and HHS throughout the negotiations of the Administrative Simplifications Provisions of HIPAA and the crafting of the final regulations. We also developed a comprehensive model HIPAA compliance program that enables health care providers to implement the Federal Privacy Standards in a systematic and efficient manner.
Given the depth of our HIPAA experience, we are uniquely positioned to provide our clients with a comprehensive, cost-effective means to incorporate new HIPAA and HITECH requirements into existing compliance programs, assess their obligations under the new data breach notification requirements, and unravel the complex HIPAA issues that frequently arise in the context of clinical research. Clients facing a HIPAA enforcement action can turn to Arent Fox with confidence knowing that one of our attorneys was involved in the resolution of the largest HIPAA enforcement case to date.
Our colleagues who represent retailers, technology, and media companies recently wrote that high profile data breaches have resulted in legislative and commercial industry initiatives to better protect consumers’ financial information from data theft.
We want to note that those in the health care industry need to pay attention to these developments as well. To read our colleagues’ article, click here.
On July 22, 2014, the California Court of Appeal, Third Appellate District, found that patients whose confidential health information had been stolen could not sustain a class action absent an allegation that the information was actually viewed by unauthorized third parties.
On May 7, 2014, the US Department of Health and Human Services Office of Civil Rights (OCR) announced settlements with two New York-based hospitals totaling $4.8 million for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. The settlements related to the hospitals’ failure to secure the electronic protected health information (ePHI) of thousands of patients held on their networks and are the latest example of OCR’s increased enforcement action.
On April 22, 2014, the US Department of Health and Human Services Office of Civil Rights (OCR) announced settlements of close to $2 million with two health care entities for violations of the Privacy and Security Rules promulgated under the Heath Insurance Portability and Accountability Act (collectively HIPAA) related to the theft of unencrypted laptops.
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.