Industries & Practices
Health Information Technology & HIPAA

We address the legal and technological factors of maintaining the privacy and security of all health system data.
With the proliferation of technology-based electronic health records and increase in health system data breaches, compliance with health information privacy and security laws has never been more important.
For years, our attorneys have counseled our clients through the implementation of the newest and most efficient health information technologies. We have experienced attorneys and nationally recognized resources to help our clients remain in compliance with the ever-changing regulatory landscape and achieve their privacy and security goals.
We counsel clients on:
- HIPAA privacy & security
- Health Information Exchange (HIE) issues
- Electronic Health Record (EHR) issues
- Interoperability and information blocking
- Telehealth, including payment and scope of practice
- Meaningful Use requirements and audits
- General Data Protection Regulation (GDPR) compliance
- Substance abuse confidentiality regulations (“Part 2”)
- Digital health
- Software, information technology contracts and licensing
- Fraud and abuse
- E-commerce, including website terms and conditions, privacy policies and payments
Health system OCR investigation
Assisted health system to respond to OCR investigation, which investigation followed a breach of unsecured patient information. Investigation concluded without ORC finding any violations of the HIP...
MoreHIPAA policy review
Reviewed the HIPAA policies of two regional health plans to ensure continued compliance with relative state laws. These regional health plans were part of a national health plan’s portfolio a...
MoreHIPAA compliance program overhaul
Conducted an assessment of a large physician practice’s existing HIPAA policies and procedures, later making recommendations for and drafting revisions and additional policies. Trained the or...
MoreHealth system GDPR compliance
Analyzed the applicability of the European Union’s General Data Protection Regulation (GDPR) to a health system’s research operations. Developed a GDPR-compliant standard operating proc...
MoreHealth care information database
Assisted in the development of a state-wide database for health care information reports, including the creation of policies and agreements and compliance with regulatory requirements (including HI...
MoreSystem-wide electronic medical record system
Assisted a large health system with the system-wide implementation of an electronic health records (EHR) system, ensuring legal and regulatory compliance, HIPAA security and continuity of patient c...
MoreCMS meaningful use audits
Advised hospitals responding to meaningful use audits of the Centers for Medicare & Medicaid Services (CMS) electronic health record incentive payment program, which required analyzing complian...
MoreElectronic health records
Serve as counsel to the Ohio Health Information Partnership and assist with all aspects of its operation of a health information exchange (CliniSync).
MoreHIPAA lawsuit
Obtained a defense verdict for a hospital in a lawsuit alleging invasion of privacy and violation of the Health Insurance Portability and Accountability Act (HIPAA) for alleged unlawful d...
More