Wednesday, April 16, 2014

ABA Webinar on HIPAA for Law Firms

Hat tip to Bill Freivogel for noting an upcoming webinar presented by the ABA, set for April 21 (1pm Eastern): "You Mean HIPAA Applies to Lawyers? Keeping Data Safe, Clients Happy and Your License Secure" --
  • Lawyers have long been aware of their ethical legal duties to keep client information confidential and safe— these ethical duties are deeply rooted in state bar driven ethics rules and the common law. HIPAA takes those obligations a step further.
  • Beginning in February 2010, as mandated by 2009’s HITECH Act, many lawyers, with little fanfare or publicity, became directly federally regulated when it comes to using, disclosing, and safeguarding their client’s data. In fact, lawyers are now required to engage in specific types of risk analyses, documentation, and employee training in relation to client health information.
  • As a result of HITECH, lawyers who practice in many areas of law may now fall under the HIPAA definition of a business associate, oftentimes inadvertently.  In turn, many law firms will be directly federally regulated by provisions of the HIPAA Security Rule, Privacy Rule, and Enforcement Rule as a matter of law.
This program provides a foundational background of HIPAA and HITECH and provides an overview of the following:
  •     How law firms become business associates (intentionally or inadvertently)
  •     What HIPAA requires of law firm business associates
  •     How to properly safeguard client data
  •     Unauthorized uses and disclosures
  •     What constitutes a “breach”
  •     Business associate requirements in case of a breach
  •     Penalties, criminal, and civil liability associated with HIPAA
  •     Potential other ethical conflicts caused by HIPAA as you are forced to execute contractual agreements with clients
See the ABA web site for registration details and information on CLE credit. And see also a previous webinar recording presented by Intapp, featuring Vorys: "Complying with the 'Minimum Necessary' Standard of the HIPAA Privacy Rule."

No comments:

Post a Comment