HIPAA Privacy Guidelines Every Lawyer Needs To Know
Why Attend?
All lawyers and law firms need to understand and will want to minimize their exposure under Health Insurance Portability and Accountability Act (HIPAA) privacy regulations. Lawyers and law firms acting on behalf of clients may face direct legal responsibility for HIPAA compliance, and need to be able to identify when HIPAA privacy applies. If your firm handles health information in advising clients, do you know when HIPAA applies, and if so, do you know what HIPAA requires the firm to do to safeguard the information? Have you provided adequate HIPAA training within your firm? Do you know what HIPAA governmental reporting requirements apply to you or your firm? Do you know that the stimulus law, the American Recovery and Reinvestment Act (ARRA), adds new requirements and increased penalties for HIPAA violations?
This program will help lawyers and law firms identify when HIPAA might affect its practice areas and discusses some of the special legal and professional responsibility issues that law firms face.
What You Will Learn
When Does HIPAA Apply?
When a lawyer or law firm handles personal health information, when does HIPAA apply? Avoid inadvertent violations by you and/or your law firm and your clients by understanding the basics of when HIPAA applies directly and indirectly to law firms. This first session answers questions such as:
What clients are directly subject to HIPAA?
What health information typically held by a law firm is protected by HIPAA?
When is a law firm’s own health plan directly subject to HIPAA?
How do you handle health information for a client who is an individual? A litigant? Employer with employment or benefits questions? Insurance company? Medical provider? A third party administrator (TPA)?
How does HIPAA apply if your client asks about access and rights to his or her own medical information through HIPAA?
What different roles can a lawyer/law firm have under HIPAA? How can a lawyer/law firm be a “business associate” of a client and thus directly subject to HIPAA? What are other ways a lawyer/law firm can be subject to HIPAA?
Lawyer/Law Firm Duties Under HIPAA
What are the duties for a lawyer/law firm in its various roles, with a focus on the increased Business Associate responsibilities under the ARRA? Business Associates will be directly responsible for certain HIPAA requirements, and directly responsible for the increased HIPAA penalties. Lawyers/law firms will need to understand and comply with these requirements. This second session answers question such as:
Who needs to have HIPAA training within the firm?
What HIPAA policies and procedures does the firm need to maintain?
When does health information need to be treated differently from other client files? What compliance steps do you need to take (restricted files, computer access issues, record retention)?
When and how is a lawyer allowed to use and disclose health information under HIPAA? What about authorizations? E-Disclosures? What governmental reporting is required?
What are the new penalties and responsibilities that apply?
Ethical Issues
Practical and ethical issues abound with required disclosures of confidential client information. The faculty discusses:
Disclosures of breaches to Health and Human Services (HHS) and other government entities and the effect on attorney-client privilege
Conflicts involved in drafting business associate agreements between law firm and own client
Issues involving possible rights of plan participants to health information of fiduciaries under the “fiduciary exception” to attorney-client privilege
Risks of inadvertent multiple representation
How restricting access within the firm under the HIPAA rules intersects with professional standards for treatment of confidential information
Faculty
Cynthia A. Van Bogaert, Boardman, Suhr, Curry & Field LLP, Madison, Wisconsin
Roberta Casper Watson, Trenam, Kemker, Scharf, Barkin,
Frye, O'Neill & Mullis, P.A., Tampa, Florida
Questions will be taken and addressed throughout the program. Questions may be sent in advance to aweinberg@ali-aba.org. Please put “HIPAA faculty question” in the subject line of your email.
Program Schedule
TUESDAY, JUNE 9, 2009
1:00 p.m. When Does HIPAA Apply
1:30 p.m. Lawyer/Law Firm Duties Under HIPAA
2:00 p.m. Ethical Issues
2:30 p.m. Adjournment
Total 60-minute hours of instruction: 1.5 (including 0.5 ethics credit)
Suggested Prerequisite: Some experience in practice in subject matter
Educational Objective: Acquisition of knowledge and skills to develop proficiency as a practitioner; maintenance of professional competence as a practitioner; provision of information on recent legal developments
Level of Instruction: Intermediate
Times
Eastern 1 pm – 2:30 pm
Central 12 noon – 1:30 pm
Mountain 11 am – 12:30 pm
Pacific and Arizona 10 am – 11:30 am
Alaska 9 am – 10:30 am
Hawaii 7 am – 8:30 am
