Industries & Practices

HIPAA & Health Information Technology

We address the legal and technological factors of maintaining the privacy and security of all patient records.

In what have become dominating topics in health care law, the protection of patient privacy and the security of patient records are more important than ever before. Especially with the proliferation of technology-based electronic health records, health care facilities have been well-publicized victims of data breach and identity theft with costly consequences involving patient lawsuits and noncompliance penalties.

Since HIPAA’s enactment in 1996, Bricker & Eckler has been a nationwide leader in providing comprehensive legal services related to the statute. And when the HITECH Act, containing major changes to HIPAA, was signed into law in 2009 and revised through 2013, we stood at the forefront of addressing health information issues whose regulations were evolving.

For years, our attorneys have counseled our clients through the implementation of electronic health record (EHR) technology and the protection of their patients’ data. While these systems present health care entities with significant operational and financial benefits, they also pose a number of unique legal challenges. Whether obtaining incentive payments for the “meaningful use” of health records, complying with all applicable statutes and regulations, maintaining the confidentiality of health information or developing health information exchanges, we have experienced attorneys and nationally recognized resources to help our clients achieve their privacy and security goals.

HIPAA policy review

Reviewed the HIPAA policies of two regional health plans to ensure continued compliance with relative state laws. These regional health plans were part of a national health plan’s portfolio a...

HIPAA compliance program overhaul

Conducted an assessment of a large physician practice’s existing HIPAA policies and procedures, later making recommendations for and drafting revisions and additional policies. Trained the or...

Health system GDPR compliance

Analyzed the applicability of the European Union’s General Data Protection Regulation (GDPR) to a health system’s research operations. Developed a GDPR-compliant standard operating proc...

Health care information database

Assisted in the development of a state-wide database for health care information reports, including the creation of policies and agreements and compliance with regulatory requirements (including HI...

System-wide electronic medical record system

Assisted a large health system with the system-wide implementation of an electronic health records (EHR) system, ensuring legal and regulatory compliance, HIPAA security and continuity of patient c...

CMS meaningful use audits

Advised hospitals responding to meaningful use audits of the Centers for Medicare & Medicaid Services (CMS) electronic health record incentive payment program, which required analyzing complian...

Electronic health records

Serve as counsel to the Ohio Health Information Partnership and assist with all aspects of its operation of a health information exchange (CliniSync).

HIPAA lawsuit

Obtained a defense verdict for a hospital in a lawsuit alleging invasion of privacy and violation of the Health Insurance Portability and Accountability Act (HIPAA) for alleged unlawful d...

See All

Key Contacts

Allen R. Killworth Columbus

Elizabeth A. Kastner Columbus

People

Chris Bennington Partner

Cincinnati
513.870.6572
cbennington@bricker.com

James F. Flynn Managing Partner

Columbus
614.227.8855
jflynn@bricker.com

Joshua M. Gilbert Senior Associate

Columbus
614.227.7736
jgilbert@bricker.com

Elizabeth A. Kastner Partner

Columbus
614.227.8852
ekastner@bricker.com

Allen R. Killworth Partner

Columbus
614.227.2334
akillworth@bricker.com

Jennifer Nelson Carney Partner

Columbus
614.227.4870
jnelsoncarney@bricker.com

Diane M. Signoracci Partner

Columbus
614.227.2333
dsignoracci@bricker.com

Elisabeth A. Squeglia Partner

Columbus
614.227.2396
esqueglia@bricker.com

See All

Insights

ONC extends Information Blocking compliance deadlines

OCR announces second-largest HIPAA breach settlement

OCR settles five additional cases in HIPAA Right of Access Initiative

OCR recommends IT asset inventory for HIPAA compliance

COVID-19 Update: OCR updates guidance on contacting former COVID-19 patients about blood and plasma donation to add health plans

Deadline approaching to submit promoting interoperability hardship exception to avoid payment adjustment

Your data is under attack: Are you ready?

HIPAA settlement highlights importance of mobile device encryption

Telehealth services expanded in Ohio by new executive order

COVID-19 Update: OCR issues guidance on contacting former COVID-19 patients about blood and plasma donation

HIPAA
Resource Center

HIPAA Compliance and Audit Program

The HIPAA Compliance and Audit Program is a comprehensive online program for complying with the HIPAA privacy, security and breach regulations, including the provisions of the HITECH Act and the Omnibus Rule.

The HIPAA Regulations Section-By-Section

This HIPAA resource helps users interpret the privacy, security and breach regulations in one convenient location and an easy to review format. Information is updated periodically with amendments to the regulations, as well as new guidance issued by HHS, as they become available.

Columbus

Cleveland

Cincinnati

Dayton

Marietta

Barnesville