The intersection of information technology and privacy is one of the fastest-evolving areas in healthcare law today, and Bradley’s attorneys are on the cutting edge of the field. With recent advances in health information technology, patient privacy and security protections are more important than ever. We understand how crucial it is for healthcare providers and their business associates in the healthcare industry to secure their health and personal information, both to avoid violating applicable privacy and data security laws and to safeguard their own operational integrity.
The members of our health information technology practice have extensive experience in health IT, information security, and privacy, including electronic health records (EHRs), HIPAA, software and technology licenses and lease agreements, data sharing agreements for health information exchanges (HIE), and vendor dispute resolution. We apply our practice to a number of areas, including a broad range of medical privacy and security laws, such as federal and state privacy and security breach laws; outsourcing; and software licensing and other technology transactions on behalf of hospitals, long-term facilities, health plans, health information organizations, physicians, group purchasing organizations, employers, consultants, and technology companies.
Our attorneys are there to assist our clients when potential breach reports come in by providing breach identification, response, and notice to the HHS Office for Civil Rights (OCR) and state agencies as necessary. We stand side by side with our clients to protect their interests, with resources such as onsite education, regulatory advice, and assessment. We also help with the development of policies and procedures on transactional, regulatory, and operational matters related to the HIPAA and HITECH EHR programs and to privacy and security standards. In addition, we counsel healthcare providers on data sharing agreements, consent policies, authorizations, notices of privacy practices, business associate contracts, and health plan certifications.
As a reflection of our deep involvement in the industry, Bradley’s health privacy lawyers hold leadership positions in a variety of relevant professional associations, including the Health Information Management Systems Society (HIMSS) and American Health Lawyers Association (AHLA). Our attorneys also have been authors and speakers for AHLA, HIMSS, and the HHS/NIST HIPAA Security Rule Conference, Tennessee Bar Association, Nashville Council of Health Care Attorneys, Society of Ohio Hospital Attorneys, Medical Group Management Association, and American Health Care Association. They cover topics such as EHRs, HIPAA privacy and security, information technology liability issues, vendor management, breach response, technology donations to physicians under the Stark and anti-kickback rules, and general compliance.