Health Information Privacy & Security

Protecting Your Most Sensitive Information

Is your business a health care provider or payor, or a company doing business with these entities? If so, you face a complex framework of overlapping, often conflicting privacy and data security laws and regulations. And when an issue arises in connection with everyday business, it can present significant compliance and risk management issues — in the worst case, state and federal breach notification obligations. Our team is immersed in this ever-changing area of the law.

Awards

Modern Healthcare 2023

Modern Healthcare Top Healthcare Law Firms 2023 Data Dive by the numbers.

Chambers USA

Health Law Practice recognized Nationally and in Boston, New York and Washington, DC

Legal 500 United States

Practice recommended in Health Care: Life Sciences, Health Care: Service Providers

U.S. News and Best Lawyers®

Nationally ranked Tier 1 for Health Care

Our Approach

There's no shortage of rules on how identifiable health information may be accessed, used, and disclosed. HIPAA and other federal privacy laws, state privacy and data security laws, and a developing body of privacy-related common law all apply. Mintz has deep experience advising health care industry clients on health information privacy. Our team addresses matters ranging from day-to-day privacy and security compliance to the structure of complex, multiparty data aggregation and data sharing programs.

We're adept at helping you find the simplest, most streamlined approach to permissible access, use, and transfer of health information. Because simplicity is more than just efficient and cost-effective — it's the approach that facilitates compliance by reducing workforce confusion and the risk of error.

Areas of Focus

Internal investigations of employee HIPAA violations
Large and complex data acquisition, aggregation and warehousing efforts
Management of Office for Civil Rights (OCR) investigations and complaints
Compliance with subpoenas and third-party requests for health information
Privacy and security compliance review and remediation
OCR and third-party audit assistance
Incident response, including investigation, mitigation, and resolution of privacy and security breaches

Extensive Experience in Key Areas

HIPAA Privacy, Security, and Breach Notification Rules
Data breach and security incident response
The developing body of privacy-related common law
State privacy and data breach laws

Meet Mintz

We have deep experience advising clients on health information privacy and security issues — addressing everything from day-to-day compliance matters to structuring complex, multiparty data acquisition and exchange programs.