Jackson LLP’s healthcare lawyers work with clients to maintain their compliance with the privacy, security, and breach notification components of HIPAA (the Health Insurance Portability and Accountability Act of 1996).

Many small practices feel burdened by the regulatory requirements imposed by HIPAA, but Jackson LLP’s attorneys help make compliance feel manageable. We work with physical therapists and rehabilitation practices, physicians, health plans and benefits managers, mental health practices, digital health/HIT companies, pharmacists, and more.

From risk assessment to corrective actions: the HIPAA life-cycle.

The cornerstone of any HIPAA policies and procedures program is the practice’s risk assessment, which it should perform annually or whenever a security-impacting event occurs. When crafting a HIPAA policy for a client, Jackson LLP’s attorneys begin by gathering information about the client’s existing privacy and security protocols, EMR/EHR practices, employee controls and safeguards, and PHI (protected health information) use and disclosure methods. With that information, we can preliminarily assess the practice’s risk and begin drafting policies and procedures congruent with the practice’s culture, needs, and risks.

After our attorneys create a comprehensive HIPAA policy, we will provide you with a risk assessment. While some clients opt to perform their own risk assessment, many retain Jackson LLP to perform regular risk assessments on their behalf. To do this, Jackson LLP will examine the practice’s operations with respect to privacy and security issues. Next, our healthcare lawyers will offer workforce and management training to your team and help troubleshoot any potential sources of confusion. These steps can significantly decrease the likelihood of a breach and ensure that you have implemented privacy “best practices” in your healthcare facility.

If you have a HIPAA breach, we can work through the breach assessment and notification process. Jackson LLP will also help you implement corrective actions and involve additional legal counsel if necessary to navigate and minimize the impact of a breach.

Policies that impact how you practice.

The policies we create are usable, digestible, and manageable. Jackson LLP’s goal is to establish workable privacy policies and procedures that guide your day-to-day practice. Some of the topics our attorneys will address include:

• PHI use and disclosure
• Release of patient records
• Destruction of PHI or electronics used to store or transmit PHI
• Healthcare employee confidentiality agreements
• Notice of Privacy Practices
• Exchange of text messages, emails, and voicemails with patients

In addition to addressing HIPAA’s requirements, Jackson LLP’s attorneys can help ensure that your practices are also compliant with state medical privacy requirements and profession-specific rules. Our firm will develop your privacy safeguards to ensure that you maintain standards to meet the Minimum Necessary requirements under the HIPAA Privacy Rule.

Learn more. Schedule your free attorney consultation today.

The American Data Privacy and Protection Act Legislation (ADPPA) in Healthcare

In Congress, there’s bipartisan concern about Americans’ data privacy. A proposed federal law to address these concerns will likely affect how you handle patient data.

Read More

Patient Photos on Social Media

So, you want to share patient photos on your social media. What are some things you should consider first?

Read More

Email and Social Media Disclaimers for Health Professionals

Does a disclaimer really do anything to protect you from liability?

Read More

TikTok Takeover: Legal Considerations for Posting Healthcare Videos

Do you want to educate the public or promote your healthcare practice on TikTok? Before you post, keep these legal issues in mind.

Read More

HIPAA Right of Access: What It Means When Your Patient Is a Couple

Patients have a right to review their health records. Meanwhile, health information should not be disclosed to unauthorized persons. So how do you ensure access and privacy when records include information about more than one individual?

Read More

HIPAA in the Waiting Room

How do you maintain compliance with the HIPAA Privacy Rule in a crowded, bustling waiting room? We discuss the issues.

Read More

Can I Record Patient Telephone Calls and Visits?

It’s easier than ever to record phone conversations with patients. But is it legal to do so? We discuss the considerations.

Read More

Business Associate Agreement (BAA) Basics

When do you need a business associate agreement (BAA)? Are there situations in which you should decline to enter into one? Learn what it means when you sign the dotted line.

Read More

Responding to Mental Health Emergencies: Legal Considerations

When a patient is having an active mental health emergency, what are your obligations? What does the law allow? We address some common questions.

Read More

Navigating Red Flag Laws Under HIPAA

Some states permit healthcare providers to petition the court for the removal of a patient’s firearms. How can a provider do this without violating HIPAA’s Privacy Rule?

Read More

Sources of Liability in Telemedicine

Telehealth can introduce new types of risk for your medical practice. Know what to look for so that you can take steps to reduce your liability.

Read More

Does HIPAA Apply to You? You Might Not Be Compliant.

“HIPAA doesn’t apply to me.” We hear it all the time. But are you willing to bet your practice’s future on that assumption? We discuss the basics, including the most commonly overlooked aspects of the law.

Read More