Dancing With HIPAAFollow my lead and you’ll be OK

David Harlow JD MPHTHE HARLOW GROUP

LLCblog • healthblawg.com

twitter • @healthblawg

Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

HIPAA HighlightsPHICEBA

Breach Notification• Patients• Government• Press (>500)

Enforcement (OCR/AGs)• BA Primary Liability• Downstream responsibility• Audits, Complaint

Investigations, Fines

TPOBAANPP

Authorization/Consent

Security • Administrative• Technical• Physical• >> Risk Assessment

Privacy • Minimum Necessary for TPO• Patient Access• Opt-In for Research,

Marketing, Fundraising

Wall of Shame

Deidentification

Photo: CC: http://www.flickr.com/photos/hape_gera/3281625420

thed

atam

ap.o

rg

It’s not ALL about HIPAA

FTC BreachNotification Rule

for PHRs

State Rules on Data Privacy

Including“Sensitive” Health Data

Lockdown vs. Open Door

Clear Expectations => No Surprises

The Inevitability of Digital Health

Photo: CC: http://www.flickr.com/photos/aigle_dore/6672141083

for contact info txt dharlow to 50500or scan the QR code

harlowgroup.nethealthblawg.com

twitter.com/healthblawgdavid@harlowgroup.net

Thank YouDavid Harlow JD MPHTHE HARLOW GROUP

LLC