• Krieg DeVault is proud to sponsor the 25th Anniversary of
    Indianapolis Business Journal’s Forty Under 40 Program.

    Forty Under Forty
  • A Sampling of our recent Transactions with some of our many Successful Clients.

  • Krieg DeVault provides transaction counsel to $22.9 million restoration
    and adaptive reuse of South Bend's Studebaker Innovation Center.

  • Krieg DeVault Attorneys named to 2017 Best Lawyers in America© Listing;
    Attorneys Receive Lawyer of the Year Honors.

    2017 Best Lawyers Slider
  • Krieg DeVault's Real Estate Practice helps client Kittle's Furniture
    reestablish its Indianapolis roots.

Health Information Privacy/HIPAA

PDFEmailPrint

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) protects the privacy and security of individually identifiable health information, known as Protected Health Information (PHI), and established certain rights of individuals with respect to that information.

Generally, the Privacy Rule under HIPAA addresses how Covered Entities and their Business Associates may properly use and disclose PHI while allowing the exchange of information necessary to promote quality patient care.  The HIPAA Security Rule established a national set of administrative, physical and technical standards to protect PHI held by Covered Entities in electronic form.  In addition, HIPAA includes a Breach Notification Rule outlining the steps Covered Entities and Business Associates must take in the event of a breach of unsecured PHI. The scope of the privacy and security protections available under HIPAA were expanded through enactment of the Health Information Technology for Economic and Clinical Health Act (HITECH).  In addition to imposing the Breach Notification Rule, HITECH increased the penalties for HIPAA violations and increased the liability of Business Associates by making them directly responsible for compliance with certain HIPAA provisions.  

Krieg DeVault has extensive experience assisting Covered Entities and Business Associates in the application of HIPAA and other Federal and State law requirements governing the privacy and security of PHI and other personal information.  Areas of expertise include the following: 

  • Identification, mitigation, investigation and correction of breach incidents
  • Breach risk assessments and notification to individuals and Federal and State authorities
  • HIPAA/HITECH compliance and training programs
  • Representation in connection with audits, investigations, subpoenas and enforcement actions by Federal and State authorities
  • Drafting and negotiating Business Associate Agreements
  • Adoption and meaningful use of electronic health records (EHR)
  • Health information exchange (HIE) arrangements

 

 

Stephanie T. Eckerle
Partner

Stacy Walton Long
Of Counsel

Maggie C. Little
Associate

Susan E. Ziel
Integrity Health
Strategies Consultant

Sarah Stites Millspaugh
Senior Attorney