Health Information Technology and Privacy

Powers Pyles Sutter & Verville has been intimately involved in developing and shaping federal policy and law with respect to the privacy of health information in a digital world, prior to and since the enactment of the Health Insurance Portability and Accountability Act of 1996.

Powers, working with professional associations, was one of the few firms to advocate that the regulations implementing HIPAA be consistent with established standards for the ethical practice of medicine and psychotherapy. The firm also was involved in shaping provisions of the Health Information Technology for Economic and Clinical Health Act of 2009, as well as its implementing regulations and guidance.

The firm has applied its depth of knowledge and experience in this area to assist clients in understanding and complying with federal and state privacy laws and in responding to electronic health information privacy breaches and investigations. We also assist our clients on issues relating to the Federal Common Rule, federal mental health and substance abuse laws, and state privacy laws.

Powers attorneys also devised one of the first checklists for providers to verify compliance with the new HIPAA Privacy Rule and participated in the first litigation testing the constitutional, statutory and procedural validity of the standards contained in the HIPAA Privacy Rule. Drawing on this experience, Powers attorneys have provided legal counsel and representation to numerous providers and professional associations in connection with issues arising under the HIPAA statute and regulations. They also have filed numerous amicus curiae (friend of the court) briefs addressing health information privacy legal issues and have testified before Congress and in court in an “expert witness” capacity on the relationship of information technology to patients’ health information privacy rights, as well as the ethical obligations and legal duties of providers in protecting the privacy of health information.

Our attorneys use their in intimate knowledge of the law surrounding health information technology and privacy to counsel clients on health IT, security, and compliance issues with an emphasis on avoiding violations of health privacy laws. We have worked closely with numerous healthcare systems and providers to structure and implement compliance programs for both the HIPAA Privacy and Security Rules. We assist with drafting necessary documents including HIPAA policies and procedures, Notices of Privacy Practices, Authorizations for Release of Protected Health Information, and Business Associate and Data Use Agreements–that are tailored to clients’ needs. We have also developed model practice guidelines and other HIPAA documents for healthcare associations to provide to their members.

In addition, we provide guidance on strategies to incorporate Privacy Rule compliance requirements, including “minimum necessary” standards, into regular business practice. The firm represents more than 20 clinical data and public health registries and advises these entities on both HIPAA and Common Rule issues raised by the collection of identifiable patient data from hospitals, physicians, and other providers.

Should an organization be faced with allegations of non-compliance with applicable HIPAA standards, Powers attorneys are well-positioned and well-qualified to provide representation in HIPAA enforcement actions at both the administrative and judicial levels and have established relationships with top breach remediation experts to minimize the damage to an organization and its patients from a breach. Experienced Powers litigators are available to assist clients in every aspect of defending a HIPAA enforcement claim, from the investigative stage through administrative litigation and, if necessary, in the federal courts.

Powers attorneys also assisted in researching and drafting the pivotal health care industry guideline “The Financial Impact of Breached Protected Health Information”, ANSI, et al. (March 2012) that accurately predicted the electronic health information privacy breach epidemic in which more than 160 million Americans have had their health information privacy breached in the six years, and providers and practitioners have experienced dramatically accelerating costs of cyber security. Powers attorneys have also appeared on major network news broadcasts as experts in the field of health information privacy.

The preservation of patient privacy and trust in an evolving digital world is one of the most challenging issues in health reform. Powers attorneys continue to work with Congressional leaders from both sides of the aisle and with the top experts in the field to find ways to secure the privacy of health information in the digital age and reduce liability risks for providers, practitioners and patients. Our firm has been involved in every phase of this complex area of the law and our attorneys are prepared to assist clients as they face this challenge on a daily basis.

Download PDF