HIPAA/HITECH
Our experience with the Health Insurance Portability and Accountability Act (HIPAA) began before it was even signed into law. Phil was the primary attorney at Target for all group health plan HIPAA compliance from the first day of implementation, and through the development of new regulatory guidance under the HITECH Act. The HIPAA plan program covers almost a million participants (with family) and spans the United States and international programs.
Phil also managed an OCR audit on HIPAA in 2012 from the initial notification to the final closing letter which was almost a year later. He was able to successfully negotiate with the auditors almost all of the potential issues down to one minor finding. The audit consisted of five auditors on site for five days, with months of follow up work. The auditors expressed that it was a tremendous compliance program, and it was believed to be one of the best HIPAA/HITECH audits in the country.
Mark's work with HIPAA has been largely from the perspective of designing HIPAA-compliant programs for health care industry vendors and entrepreneurs. Recently Mark has been active developing and updating HIPAA Privacy and Security policies for both covered entities and business associates that must comply with new requirements under the final HIPAA rule no later that September 23, 2013. This practice has become increasingly complex, and as the penalties have risen to $50,000 per violation in some cases, the stakes are high.
Phil also managed an OCR audit on HIPAA in 2012 from the initial notification to the final closing letter which was almost a year later. He was able to successfully negotiate with the auditors almost all of the potential issues down to one minor finding. The audit consisted of five auditors on site for five days, with months of follow up work. The auditors expressed that it was a tremendous compliance program, and it was believed to be one of the best HIPAA/HITECH audits in the country.
Mark's work with HIPAA has been largely from the perspective of designing HIPAA-compliant programs for health care industry vendors and entrepreneurs. Recently Mark has been active developing and updating HIPAA Privacy and Security policies for both covered entities and business associates that must comply with new requirements under the final HIPAA rule no later that September 23, 2013. This practice has become increasingly complex, and as the penalties have risen to $50,000 per violation in some cases, the stakes are high.