Harvard University’s tax-exempt status has been questioned by the Trump Administration—with Harvard responding that there is no legal basis for a revocation. The Administration’s action...
Many states are implementing energy benchmarking programs to track and identify energy use in buildings. These programs aim to encourage energy efficiency and reduce greenhouse gas emissions. Check out...
When engaging in M&A discussions, parties should prioritize rigorous confidentiality measures to protect sensitive business information. Our new confidentiality agreement playbook offers valuable insights...
This practice note discusses Institutional Review Boards (IRBs) within the United States, including their purpose, history, and regulatory framework. The note is a valuable resource for advising life sciences...
Do you need guidance on tipped employee requirements under the Fair Labor Standards Act (FLSA)? Read our newly published checklist, Tipped Employees Checklist (FLSA) , for helpful information. Read now...
By Robin McManigal | Practice Area Expert
The landmark Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Pub.L.No. 104-191) signed into law by President Clinton on August 21, 1996, was a comprehensive piece of legislation that sought to modernize the flow of healthcare information and regulate how personally identifiable information (PII) maintained by healthcare entities should be protected. In the more than two decades since that time, HIPAA has been the source of headline-making federal investigations, high-stakes litigation, and detailed compliance plans.
For healthcare executives and their lawyers, perhaps the most significant provisions of HIPAA are contained in the Administrative Simplification Rules, which were implemented under 42 U.S.C. §§ 1320d to 1320d-9 . These rules cover four areas:
Many employers that sponsor group health plans and are involved in plan administration may be subject to all or most of these results. They are not to be taken lightly; penalties for non-compliance can be severe.
It was my privilege to recently host a LexisNexis webinar, “HIPAA — Understanding Enforcement, Penalties & Research Strategies,” in which we examined the four key areas of HIPAA administrative simplification rules and unpacked the various rules requirements that healthcare entities need to follow.
These requirements break down into several categories of federal enforcement:
Healthcare entities and their business associates can help avoid HIPAA violation penalties by following some important best practices. These nine tips are extracted from HIPAA Enforcement and Penalties, a practice note published by Lexis Practical Guidance:
These nine action items are not only best practices for a healthcare entity from a business perspective, they should also put the organization in a good position if OCR initiates a HIPAA audit. These pro-active steps can be the difference between substantial penalties and no penalty.
The Lexis Practical Guidance team has assembled a number of important resources to help legal professionals navigate the complex challenges associated with HIPAA compliance.
The HIPAA Resource Kit includes Practical Guidance materials in the form of detailed practice notes such as the HIPAA Privacy, Security, Breach Notification, and Other Administrative Simplification Rules and; HIPAA Enforcement and Penalties; checklists; templates; and specific clauses that can be used in keeping healthcare entities HIPAA-compliant. It also includes a HIPAA regulatory enforcement tracker which highlights recent guidance and enforcement actions taken by the OCR; short instructional videos narrated by legal experts in the field, and a PowerPoint presentation that can be used for training employees on HIPAA compliance.
Experience Lexis Practical Guidance on Lexis+ with a free 7-day trial.