The Paper Tiger Begins to Roar: HIPAA, the HITECH Act, and the Risks to Lawyers and Their Clients CLE

The Paper Tiger Begins to Roar: HIPAA, the HITECH Act, and the Risks to Lawyers and Their Clients

September 2010

The Paper Tiger Begins to Roar: HIPAA, the HITECH Act, and the Risks to Lawers and Their Clients

Program Description

The HITECH Act, effective February 17, 2010, substantially enhanced civil penalties for HIPAA violations, added security breach notification requirements, and extended HIPAA's most important security to third parties who service HIPAA-covered entities, including law firms. With state attorneys general newly empowered to enforce HIPAA, lawyers and their clients in the health care industry or who sponsor HIPAA-covered, employee benefits plans should start preparing now, not just for a security breach but also for the government investigation that could follow. This presentation will address the following:

- General background/refresher on HIPAA's scope and key requirements

- HIPAA's enhanced penalties and new enforcement environment

- The HITECH Act's new security breach notification requirements

- Steps lawyers and their clients can take to comply and reduce the risk of a security breach

- How to respond when a security breach inevitably occurs.

- How to respond to a security incident involving protected health information and recent agency actions regarding the Security Breach Notification Regulations

Agenda

11:30 am - 12:00 pm

Registration

12:00 pm - 1:00 pm

Program

1:00 pm

Adjourn

Faculty

Philip L. Gordon, Esq.

LITTLER MENDELSON, P.C.

Denver, CO

[email protected]

Philip L. Gordon is a shareholder in the Denver office of Littler Mendelson, P.C., the nation's largest law firm representing only management in employment and labor law matters. Mr. Gordon chairs the Firm's Privacy and Data Protection Practice Group. He regularly counsels Fortune 500 companies, as well as medium-sized and small businesses, concerning compliance with the HIPAA Privacy and Security Rules, European data protection laws, and state data protection laws; security incident response and incident response planning; workplace monitoring of employee communications; background checks; and other privacy and information security issues. He also regularly defends employers in privacy-related litigation and in cases involving unfair competition and misappropriation of trade secrets.

Mr. Gordon speaks and writes extensively on the full range of workplace privacy and information security issues. He has given presentations to the International Association of Privacy Professionals (IAPP), the American Corporate Counsel Association, the National Retail Federation, the American Payroll Association, and the Ponemon Institute (a leading privacy “think tank”), among others. His articles have been published in a wide range of professional journals, including the Privacy and Security Law Report, World Data Protection Report, Employee Relations Law Journal, Executive Counsel, and Privacy Officers Advisor. His blog is located at www.workplaceprivacycounsel.com.

Mr. Gordon has taught privacy and information security law as an adjunct professor at the University of Colorado School of Law. He is a member of the Advisory Board of the Bureau of National Affair's Privacy and Security Law Report. He has served on the Educational Advisory Board and the Editorial Board of IAPP.

Mr. Gordon received his undergraduate degree from Princeton University and his law degree from the New York University School of Law. He served as a law clerk on the United States Court of Appeals for the Tenth Circuit.