Healthcare Privacy and Data Security
We routinely help our clients address privacy, cybersecurity, and electronic transaction issues, including under the U.S. Health Insurance Portability and Accountability Act (HIPAA). These clients include both HIPAA covered entities (health care providers and health plans) and HIPAA business associates (such as information technology firms and other service providers), as well as others indirectly affected by the privacy-related legal requirements. We have extensive experience assisting clients in sensitive and complex privacy matters ranging from novel digital health solutions requiring transfer of patient data, to government investigations of privacy breaches, to subject data issues in global clinical trials. We counsel clients on the basics of HIPAA compliance and on the complexities of compliance in challenging circumstances. We work with clients in the event of data security breaches, assisting them on each step of the process of responding to, mitigating, and attempting to allocate responsibility for the occurrence and consequences of those breaches.