Fenton Law Group regularly advises clients on issues related to HIPAA, the Health Insurance Portability and Accountability Act. Our HIPAA lawyers assist clients in ensuring their compliance with security and privacy requirements for healthcare information.
Although the term “HIPAA” has become synonymous with patient privacy, California healthcare providers need to be equally concerned with “CMIA,” the Confidentiality of Medical Information Act. Together, these two laws address not only patient privacy requirements, but also electronic standardization, security, and other requirements governing the handling and transmission of health information.
Federal and California law have significant differences in the area of patient privacy. With respect to coverage for example, HIPAA regulations apply to “covered entities,” which include healthcare providers who transmit healthcare information in electronic form (using a standard transaction), healthcare clearinghouses (e.g. billing companies), and health plans. CMIA, by contrast, has a far broader scope of coverage. In many areas, CMIA is actually more stringent than HIPAA in establishing safeguards for patient privacy.
Fenton Law Group routinely designs and implements HIPAA compliance plans, which the Health Information Technology for Economic and Clinical Health (HITECH) Act rendered mandatory for both covered entities and business associates beginning on February 17, 2010. In addition to preparing compliance plans, Fenton Law Group provides the following specific services:
HIPAA lawyers at Fenton Law Group counsel providers to determine and ensure HIPAA compliance and CMIA compliance, or when responding to allegations of noncompliance by state and federal regulators. We have assisted numerous providers, including physician organizations, skilled nursing and other long-term care facilities, educational institutions, software providers, and medical billing companies, with developing compliant notices and practices in their practices.
We also regularly respond to patient complaints concerning the handling of private information, and have defended lawsuits and administrative disciplinary actions involving these issues before both federal and state regulators.