HIPAA/HITECH Final Rule – What you need to know to comply
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its regulations (the “Privacy Rule” and the “Security Rule”) protect the privacy of an individual’s protected health information (“PHI”). Following the passage of HIPAA, legislation was enacted requiring modification to these rules. The Health Information Technology for Electronic and Clinical Health (“HITECH”) Act was enacted in 2009. HITECH modified certain rules to further strengthen HIPAA privacy, security, and enforcement and also provided requirements for notification of breaches of unsecured health information. With the passage of these two Acts came new legal requirements for any person or organization collecting, maintaining, using, or disclosing protected health information.
Time to view this course is 32 minutes.
Course Overview
Presenter: Heidi Schult-Gregory
Mamber, Harris Beach, PLLC.
Presenter: Justin P. Runke
Member, Harris Beach, PLLC.
This course will take an in-depth look at these 2 pieces of legislation and explore their impacts on a patient’s rights to access their PHI. The course will also explain the limits on use and disclosure, privacy practices, breach notification, and civil monetary penalties for violations by organizations handling PHI. It will also clarify who is legally obligated to conform to the rules and regulations prescribed in these two Acts.
Time to view this course is 32 minutes.
Course Learning Objectives
In this module the learner will:
- Understand the rules set forth in the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its regulations (the “Privacy Rule” and the “Security Rule”).
- Understand the rules set forth in the Health Information Technology for Electronic and Clinical Health (“HITECH”) Act.
- Understand patient rights regarding their PHI.
- Understand the legal impacts these two pieces of legislation have on individuals and organizations collecting, maintaining, using or disclosing protected health information.
- Understand the requirements for breach notification.
- Understand the enforcement regulations, liabilities and penalties for breaches.
Time to complete this course is approximately 91 minutes.
Presenter: Heidi Schult Gregory
Ms. Gregory is a member of the firm, leader of the Health Care Industry Team, and practices in the Business and Commercial Litigation Practice Group. She is listed in New York Super Lawyers in the areas of health care and business litigation. She has extensive court experience representing hospitals, health care providers, nursing homes, residential treatment facilities, professionals, insurance companies, municipal corporations, school districts, and large and small businesses in state and federal court. Ms. Gregory has successfully litigated a variety of medical malpractice and negligence cases and has handled numerous guardianship and civil commitment proceedings.
Ms. Gregory regularly counsels health care clients in areas of risk management, medical ethics, clinical operations, clinical trial work, statutory and regulatory compliance, professional discipline, credentialing, peer review and health information management. Ms. Gregory also provides statutory and regulatory compliance training seminars on a number of subjects, including HIPAA, guardianships, Mental Hygiene Law, end of life care and the new Family Health Care Decisions Act.
Prior to joining Harris Beach in 1996, Ms. Gregory was in private practice where she focused primarily on civil litigation, including medical and dental malpractice and personal injury defense.
Presenter: Justin P. Runke
Mr. Runke practices with the Health Care Industry Team and the Corporate Practice Group. He has extensive experience in representing health systems, hospitals, nursing homes, ambulatory surgery centers and large physician practices in a wide array of transactional matters, including acquisitions and dispositions, physician contracting and recruiting, health information technology licensing, physician subsidy programs relating to the implementation of electronic health records, and physician-hospital integration matters including the formation and organization of captive professional corporations. Mr. Runke regularly counsels clients on corporate compliance matters, including matters related to corporate compliance plans and the role of officers and directors with respect to compliance.
Mr. Runke also has broad experience on a wide array of corporate and commercial law issues, including mergers and acquisitions, software and intellectual property licensing, public and private financing transactions, general business planning, and various regulatory and statutory compliance issues.
Development Organization: Harris Beach, PLLC
Founded in 1856, Harris Beach has over 200 lawyers and is ranked by The National Law Journal as one of the country’s Top 250 law firms.
With offices in Albany, Buffalo, Ithaca, Uniondale, New York City, Niagara Falls, Rochester, Saratoga Springs, Syracuse, White Plains, and Yonkers, as well as New Haven, CT and Newark, NJ, Harris Beach and its affiliates provide a full range of legal and professional services for clients across New York state as well as nationally and internationally.