To help health care providers and other entities manage and protect sensitive health information, we maintain a sophisticated team of data privacy and security lawyers with a unique combination of privacy, security and health care industry experience. Our lawyers focus exclusively on counseling entities – like you – doing business in the health care field, including providers (covered entities), business associates, and pharmaceutical and medical device manufacturers on data privacy and security matters. In particular, we regularly advise on a wide range of privacy and security issues under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), state privacy laws and applicable international privacy laws, such as the EU General Data Protection Regulation (GDPR).
At Reed Smith, our team has followed and advised on the Administrative Simplification provisions of HIPAA from the time it was first proposed in Congress, including the numerous implementing regulations that have been issued and amended since the Act’s enactment in 1996, such as: (1) the standards for the privacy of individually identifiable health information (the Privacy Rule), (2) the security standards (the Security Rule) and (3) the Breach Notification Rule. Lawyers in our HIPAA and Health Privacy & Security Practice have deep experience in each of these rules and are well-versed in the changes made to these rules resulting from the enactment of the Health Information Technology for Economic and Clinical Health (HITECH) Act and its implementing regulations.
We advise numerous types of covered entities, including:
Ambulatory surgical centers (ASCs)
Durable Medical Equipment, Prosthetics, Orthotics and Supplies (DMEPOS) suppliers
Hospitals/health systems/academic medical centers
Hospices and home health agencies
Nursing homes/skilled nursing facilities (SNFs)
Physicians/physician groups
Pharmacies (retail, institutional, mail order, specialty)
We also represent a wide range of business associates: