Foley & Lardner, together with PYA, hosted a Let’s Talk Compliance informal discussion and Q&A on HIPAA Breach & Penalties on Friday, April 30. The panel of presenters included Foley Partner Jennifer Urban, PYA Principal Barry Mathis, and Mayo Clinic’s Legal Counsel Betty H. Khin, who moderated the discussion.
Below are some major takeaways from the day’s discussion.
- Familiarize yourself with, and take advantage of, the HIPAA Safe Harbor Bill by implementing recognized security practices.
- Watch for updates from HHS/OCR on new HIPAA enforcement rules.
- Make sure you have access procedures that are compliant with HIPAA’s right of access requirements, conduct a security risk analysis, and use its findings to develop and implement risk management plans.
- If you are thinking about the HIPAA Safe Harbor Rules as a future response strategy, consider creating and maintaining a documentation library that demonstrates your compliance. Practice desk audit scenarios within your organization where the story must be told through only a paper trail.
- The Fifth Circuit Court of Appeals ruling and comments on the M.D. Anderson case should be reviewed by your compliance and IT risk management teams as an example of how a small infraction can lead to a large investigation. Had M.D. Anderson not been managing their risks, the court may have denied the appeal.
- Compliance is no longer a standalone report. It is a program with a strategy, action plan, and measurable activity producing documentation to demonstrate mitigation and compliance maturity.
Please reach out to us if you have any questions.
You can listen to this program in its entirety, at no cost, and download slides from the session by clicking here. Be sure to check out these additional Let’s Talk Compliance resources:
- Master Class Key Takeaways Blog
- Provider Relief Fund: Reporting Requirements and Compliance Concerns Webinar & Key Takeaway Blog
- The Telemedicine Cliff: Approaches for Navigating to the Other Side of the Public Health Emergency
We are working on developing future Let’s Talk Compliance events—the next one scheduled for July—so stay tuned for dates and details!
Foley & Lardner has been providing Health Care Law and business consultative services for more than 45 years. Our team of more than 150 attorneys regularly provides innovative, leading-edge counsel to the entire spectrum of the healthcare industry. With offices throughout the United States, Foley’s Health Care Industry Team is consistently ranked as one of the top healthcare law firms nationally and regionally by Chambers USA and U.S. News. Foley remains at the forefront of health policy and law, advocating the interests of our health care clients in legislatures, administrative agencies, courts and boardrooms across the country.
PYA is a professional services firm with specialized expertise in healthcare consulting and certified public accounting. PYA’s multi-disciplinary Healthcare division serves hospitals, health systems, clinically integrated networks, physician groups, and specialty practices. Our healthcare services are structured around three main pillars: Strategy & Integration, Valuation (business, compensation, machinery and equipment, and litigation support), and Compliance. PYA consistently ranks as a Top 20 healthcare consulting firm and a Top 100 accounting firm in the U.S. Drawing upon the expansive depth of knowledge and breadth of experience of more than 300 professionals across offices in Atlanta, Kansas City, Knoxville, Nashville, and Tampa, we address the specific needs of a client base that spans 50 states.