The Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH”), and their related regulations, as well as numerous other State and Federal laws, require providers, health plans and business associates to implement extensive compliance programs to safeguard the privacy and security of protected information. GW has developed an extensive understanding of the legal, technical and practical application of these laws in the health care and business associate setting. As such, GW has the experience and practical knowledge necessary to assist its clients in relation to this evolving and complex area of law and regulation.

The HIPAA Practice Group provides the following HIPAA compliance implementation services:

  • A legal compliance analysis of client business practices, records, and documents
  • Policies, procedures and forms to achieve compliance with patient confidentiality and security laws
  • Practical guidance on implementation of required policies and forms
  • Programs to detect and address violations
  • Educational programs and training methods to communicate client compliance standards to staff members
  • Monitoring programs to ensure ongoing compliance with HIPAA and other confidentiality laws
  • Guidance in responding to HIPAA breaches
  • Assistance in responding to government inquiries, investigations and audits regarding access, use and disclosure of protected information.