Lobbying Affiliate: MML&K Government Solutions
{ Banner Image }

Healthcare Law Blog

Comprehensive Healthcare law services.
It's kind of our bag.

Contact Us

* Indicates a required field.

Categories

McBrayer Blogs

Related Blogs

Showing 5 posts tagged HIPAA.

Healthcare Entities: HIPAA's Privacy Rule Exceptions in Light of COVID-19

While the HIPAA Privacy Rule protects the privacy of patients’ health information (PHI), it is balanced to ensure that appropriate uses and disclosures of the information still may be made when necessary to treat a patient, to protect the nation’s public health, and for other critical purposes. More >

Tough Issues: Privacy and COVID-19

Now more than ever, healthcare providers face important issues about HIPAA and patient privacy requirements for patients being evaluated for COVID-19, for those being treated for it, and for those exposed to it.  Patient privacy issues are complicated and if not handled correctly create risks for healthcare providers and healthcare employees, including financial penalties. Even in times of emergency, the protections of the Privacy Rule are not set aside. With the public wanting to know who has been exposed, who has been tested, and who has COVID-19, as well as all the details about individual patients and their families, healthcare providers need to know what can be disclosed in a manner consistent with HIPAA’s Privacy Rule.  Healthcare workers must also know that they are not authorized to disclose information on individuals even when they think that it is in the best interest of the public. HIPAA privacy standards still apply even when disclosures are permitted.  Thus, now more than ever, healthcare providers must have strong policies and procedures in place that their employees know and follow. From clinicians to maintenance staff, healthcare providers should make sure that individual staff members understand their obligations and HIPAA’s privacy protections.   

Lisa English Hinkle is a Member of McBrayer law. Ms. Hinkle chairs the healthcare law practice and is located in the firm’s Lexington office. Contact Ms. Hinkle at lhinkle@mcbrayerfirm.com or (859) 231-8780, ext. 1256, or reach out to any of the attorneys at McBrayer. 

Services may be performed by others.

This article does not constitute legal advice.

Healthcare Entities: How is Your Cyber Security?

In an evolving world of cyber terrorism where individuals such as Edward Snowden grab headlines by stealing national secrets, it should come as no surprise that protected healthcare information (“PHI”) kept by providers has become a “target rich environment” for foreign governments and individual hackers alike. In addition to threats from outside entities, healthcare providers must also realize and appreciate that state and federal regulatory and statutory requirements govern the creation, maintenance and protection of PHI, including through but not limited to the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health (“HITECH”) Act.  Failure to abide by these complex and stringent rules can lead to significant penalties.  More >

HHS Finalizes Exception to HIPAA Privacy Rule for Firearm Background Checks

In January of 2016, the Department of Health & Human Services (“HHS”) issued a final rule modifying the HIPAA Privacy Rule.[1] This modification allows certain covered entities to disclose the identities of certain individuals to the National Instant Criminal Background Check System (“NICS”), a database maintained by the FBI. The information disclosed by the entities would pertain to an individual’s mental health, preventing those subject to a federal “mental health prohibitor” from possessing or receiving a firearm. Such a disclosure naturally creates a tension in the patient-provider relationship, however, and critics contend it could potentially discourage mentally ill individuals from seeking treatment.


[1] 45 C.F.R. §164 (2016) More >

New Guidance Maps HIPAA Security Rule to NIST Cybersecurity Framework to Help Providers Manage Cybersecurity Risk

In a world of looming data breaches and significant penalties for the release of protected health information, the complexities of cybersecurity and compliance with the HIPAA Security Rule can be incredibly daunting. In 2014, in response to the growing threat of data breaches, the National Institute of Standards and Technology (“NIST”) released the Framework for Improving Critical Infrastructure Cybersecurity (“the Framework”) as a means to standardize best practices in cybersecurity across organizations. To assist providers with implementing the Framework while remaining in compliance with the HIPAA Security Rule, the Department of Health and Humans Services Office for Civil Rights (“OCR”) published a HIPAA Security Rule Crosswalk (“the Crosswalk”) to tie the standards together and help strengthen cybersecurity preparedness. More >

Lexington, KYLouisville, KYFrankfort, KY: MML&K Government SolutionsWashington, D.C.