Applicable Provider Types: All

Is Your Entity in Compliance?

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 (HIPAA) requires covered entities and their business associates to implement policies and procedures to prevent, detect, contain and correct security violations. Under the HIPAA Security Rule, entities must “periodically” perform a security risk assessment, which can be adapted to the size and sophistication of the entity. While the general approach is to perform one annually, some organizations may do so bi-annually and others every three years.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of William Clayton Landa William Clayton Landa

Clay’s practice focuses on assisting national hospital chains, nursing homes, community hospitals, ambulatory surgery centers, private physician practices, solo practitioners, pharmacies, mental healthcare provider, dental providers and laboratories with their corporate, transactional, and regulatory compliance matters.

Photo of Allyson M. Maur Allyson M. Maur

Allyson advises on regulatory issues affecting diagnostics developers, biopharma manufacturers, and clinical laboratories, including CLIA/CLEP and FDA regulatory advice, MLR and MRC review of marketing and promotional materials, clinical studies, global data privacy issues, ethics & compliance, commercial contracting, commercial litigation and more.

Allyson advises on regulatory issues affecting diagnostics developers, biopharma manufacturers, and clinical laboratories, including CLIA/CLEP and FDA regulatory advice, MLR and MRC review of marketing and promotional materials, clinical studies, global data privacy issues, ethics & compliance, commercial contracting, commercial litigation and more. Allyson’s healthcare regulatory work ranges from clinical bioethics and informed consent issues to counseling on compliance with U.S. federal fraud, waste, and abuse laws such as the Anti-Kickback Statute, Stark Law, Sunshine Act, and their state law equivalents, as well as HIPAA, state healthcare privacy laws, change of ownership and state licensing requirements for various healthcare and healthcare adjacent entities.

Photo of Daniel Bush Daniel Bush

Danny practices as part of the firm’s healthcare department, where he focuses on corporate healthcare mergers and acquisitions as well as regulatory compliance. Danny completed his undergraduate degree at the University of Washington and then both his law degree and Master of Health…

Danny practices as part of the firm’s healthcare department, where he focuses on corporate healthcare mergers and acquisitions as well as regulatory compliance. Danny completed his undergraduate degree at the University of Washington and then both his law degree and Master of Health Administration at the University of Iowa.