Succession planning is a critical aspect of managing small, closely held businesses, as the unexpected departure of a key leader can significantly disrupt operations and challenge the business's legal...
Entering into a letter of intent for an office lease agreement? Consult our playbook for valuable key provisions, alternative language provisions, and guidance for both landlords and tenants. Download...
In the complex world of M&A transactions, transition services agreements (TSAs) serve as critical bridges between deal closing and operational independence thus creating stability during organizational...
This practice note covers key legal and regulatory issues to evaluate, questions to ask, and documents to review in medical device or diagnostic technology deals, including M&A, investments, financings...
By Robin McManigal | Practice Area Expert
The landmark Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Pub.L.No. 104-191) signed into law by President Clinton on August 21, 1996, was a comprehensive piece of legislation that sought to modernize the flow of healthcare information and regulate how personally identifiable information (PII) maintained by healthcare entities should be protected. In the more than two decades since that time, HIPAA has been the source of headline-making federal investigations, high-stakes litigation, and detailed compliance plans.
For healthcare executives and their lawyers, perhaps the most significant provisions of HIPAA are contained in the Administrative Simplification Rules, which were implemented under 42 U.S.C. §§ 1320d to 1320d-9 . These rules cover four areas:
Many employers that sponsor group health plans and are involved in plan administration may be subject to all or most of these results. They are not to be taken lightly; penalties for non-compliance can be severe.
It was my privilege to recently host a LexisNexis webinar, “HIPAA — Understanding Enforcement, Penalties & Research Strategies,” in which we examined the four key areas of HIPAA administrative simplification rules and unpacked the various rules requirements that healthcare entities need to follow.
These requirements break down into several categories of federal enforcement:
Healthcare entities and their business associates can help avoid HIPAA violation penalties by following some important best practices. These nine tips are extracted from HIPAA Enforcement and Penalties, a practice note published by Lexis Practical Guidance:
These nine action items are not only best practices for a healthcare entity from a business perspective, they should also put the organization in a good position if OCR initiates a HIPAA audit. These pro-active steps can be the difference between substantial penalties and no penalty.
The Lexis Practical Guidance team has assembled a number of important resources to help legal professionals navigate the complex challenges associated with HIPAA compliance.
The HIPAA Resource Kit includes Practical Guidance materials in the form of detailed practice notes such as the HIPAA Privacy, Security, Breach Notification, and Other Administrative Simplification Rules and; HIPAA Enforcement and Penalties; checklists; templates; and specific clauses that can be used in keeping healthcare entities HIPAA-compliant. It also includes a HIPAA regulatory enforcement tracker which highlights recent guidance and enforcement actions taken by the OCR; short instructional videos narrated by legal experts in the field, and a PowerPoint presentation that can be used for training employees on HIPAA compliance.
Experience Lexis Practical Guidance on Lexis+ with a free 7-day trial.
* The views expressed in externally authored materials linked or published on this site do not necessarily reflect the views of LexisNexis Legal & Professional.