Overview of Privacy and Security Services Offered:

At EpsteinBeckerGreen, we counsel our clients on a daily basis regarding federal and state laws related to health information privacy and security. Our attorneys are frequent authors and lecturers on privacy and security topics, and also serve on the Advisory Boards of such publications as Report on Patient Privacy, The Medical Information Technology Law Report, Thompson's Employer's Guide to HIPAA and The Privacy Officers Advisor, the official newsletter of the Privacy Officers Association.

EpsteinBeckerGreen provides legal services to all sectors of the health care industry. Our services include:

• Assisting organizations with HIPAA implementation and compliance advice
• Preparing and implementing FTC Red Flag Rule and Address Discrepancy Rule policies and providing compliance advice
• Conducting privacy and security risk assessments and creating policy development tools and services
• Creating privacy use and disclosure compliance inventories
• Conducting client educational and training seminars on various privacy and security issues
• Advising organizations on Gramm-Leach-Bliley Act ("GLB") compliance
• Assisting organizations with responses to security breaches in order to mitigate impact and reduce or prevent identity theft
• Assisting clients with responses to government audits and investigations of privacy and security breaches
• Counseling organizations regarding the European Union Directive on Data Protection safe harbor
  
  

Examples of Privacy and Security Legal Services EpsteinBeckerGreen Attorneys Recently Provided to Clients:

• Drafted written Identity Theft Prevention Programs in compliance with FTC Red Flag Rules
• Updated HIPAA policies and procedures to comply with the new requirements under the American Recovery and Reinvestment Act of 2009
• Assisted clients with discovery issues associated with medical records and protected health information
• Utilized Internet-based expert system to document clients' compliance with the HIPAA standard
• Created, in conjunction with a health care consulting company, a HIPAA privacy and security implementation and compliance manual for 10 national medical specialty societies
• Conducted multi-state surveys of state health privacy laws to prepare HIPAA preemption analyses in connection with health care providers and suppliers operating in multiple states
• Prepared Notices of Privacy Practices for managed care entities and employer group health plans in accordance with HIPAA, GLB, and state law requirements
• Analyzed hospital and health system privacy and security practices; provided advice regarding HIPAA implementation and compliance; prepared HIPAA guidance and compliance materials; and conducted HIPAA educational seminars
• Created Business Associate Agreements designed to address our clients' needs – from simple documents that track the regulation, to complex and annotated contracts
• Assisted organizations throughout the health care industry to implement the various HIPAA requirements related to the privacy standards and the transaction and code set standards
• Drafted clinical research and sponsored research agreements provisions relating to HIPAA privacy standards
• Provided advice on HIPAA compliance during recruitment and conduct of clinical trials