HIPAA Compliance

The cornerstone of any HIPAA policies and procedures program is the practice’s risk assessment, which it should perform annually or whenever a security-impacting event occurs. When crafting a HIPAA policy for a client, Jackson LLP’s attorneys begin by gathering information about the client’s existing privacy and security protocols, EMR / EHR practices, employee controls and safeguards, and PHI (protected health information) use and disclosure methods. With that information, we can preliminarily assess the practice’s risk and begin drafting policies and procedures that are congruent with the practice’s culture, needs, and risks.

Learn more ▶