Kristen Rosati Reviews a Year of Health Law Updates for AHLA’s Annual Meeting

Kristen Rosati Publishes Article on Strategies for Complying with Revised NIH Policies in Harvard Data Science Review

The National Institute of Health’s (NIH) revised Data Management and Sharing Policy requires a data sharing plan for all NIH-funded research, triggering compliance challenges amid quickly evolving federal, state, and international privacy standards.  In a special issue of Harvard Data Science Review, Kristen Rosati published an article on adopting strategies for long-term compliance in light of changing laws. In her article, Kristen recommended strategic, long-term data sharing solutions, including using HIPAA’s expert determination method to de-identify data to minimize potential future disconnects in data de-identification standards. Additionally, in light of concerns about whether de-identification of data is sufficient protection of privacy, and in the absence of a federal law prohibiting the re-identification of individuals in de-identified data sets, she recommends utilizing contractual controls on the use...

Read MoreRead More

Kristen Rosati Outlines Next Steps for Data Privacy Amid Roe v. Wade Reversal in STAT News

In the wake of the Supreme Court’s decision to overturn Roe v. Wade, many women now fear their confidential health records could be used to prosecute them for seeking an abortion in states where it is illegal. Kristen Rosati educated STAT News readers on how both businesses and individuals can protect medical privacy despite HIPAA’s outdated data policies. Kristen explained that HIPAA doesn’t cover many technologies that have emerged since its creation 26 years ago, including devices, apps and online searches that collect sensitive information. HIPAA also does not protect this data from being disclosed to law enforcement. Much of the responsibility to protect women from prosecution, then, will fall on individual companies. For example, she noted, apps could allow users to immediately delete their data,...

Read MoreRead More

Scott Bennett Educates Healthcare Risk Management Readers on Importance of Timely Access Request Responses for HIPAA Compliance

Following the Office for Civil Rights’ (OCR) report to Congress that revealed a 61% increase in HIPAA breaches affecting more than 500 people in 2020, Healthcare Risk Management turned to Scott Bennett for specific actions healthcare organizations should take to avoid complaints surrounding patient access and disclosure requests. Scott encouraged healthcare providers to continuously educate their personnel on the unique requirements and differences between the two types of requests and suggested supplying them with actionable guidance documents to use between trainings. Ensuring every access request is logged and receives a response within 30 days, as HIPAA mandates, will prevent OCR enforcement actions. Scott also recommended healthcare entities conduct a wide-scale security assessment that extends to every piece of hardware and software that touches electronic PHI. A leading...

Read MoreRead More
Scott Bennett Helps In Business Readers Prepare for Pending Consumer Privacy Laws

Scott Bennett Provides In Business with Employee-Focused Strategies for Preventing Workplace Cyberattacks

Focusing its recent cover story on key legal issues businesses face, InBusiness Phoenix turned to Scott Bennett to address the growing risk cybersecurity attacks present and how to mitigate them. Because hacking attempts are increasingly discreet and sophisticated, employees are often a business’s biggest cybersecurity risk. The majority of cyberattacks are the result of human error, such as clicking on a spam email link, and Scott urged businesses to host employee ransomware and cybersecurity training on an ongoing basis instead of only during onboarding. A workforce that is well educated on detecting suspicious emails, setting strong passwords and ensuring private files are encrypted will help keep hacks to a minimum. With deep expertise in data privacy and security, Scott assists businesses in health care and other industries...

Read MoreRead More
Jill Chasson Highlights Need for Anti-Harassment, Conflict of Interest Policies in Arizona Capitol Times

Jill Chasson Outlines Key ADA Medical Data Privacy Requirements in DataGuidance

With COVID-19 and the Omicron variant affecting many employers’ timing and conditions for bringing some or all employees back to the office, OneTrust Data Guidance turned to Jill Chasson for insight into important COVID-19 legal provisions and privacy considerations. Because employers may have access to employees’ screening, testing and vaccination medical information, it’s important to understand Americans with Disabilities Act (ADA) confidentiality requirements. Jill outlines steps employers must take to separate and protect medical information, as well as limited exceptions. She also addresses reasonable accommodations employers may need to make to reduce COVID-19 risk for employees with medical conditions or disabilities. Well versed in the many federal and state laws that govern the workplace, Jill regularly conducts internal investigations and works with employers to resolve difficult workplace issues....

Read MoreRead More
ASU College of Health Solutions Lauds Mel Soliz’s Contributions to MDC Advisory Board

Mel Soliz Educates Clinical Researchers About Data Privacy Compliance for Substance Use Disorder Studies

Knowing federal health information privacy laws can open doors to different types of data, the Phoenix Association of Clinician Researcher Professionals (ACRP) Chapter tapped attorney Melissa Soliz to educate substance abuse disorder (SUD) researchers about privacy laws at the Embracing Change Conference for Clinical Research. In “Got SUDs?: Using Substance Use Disorder Data for Research,” Mel explained how to comply with HIPAA and 42 C.F.R. Part 2 for SUD data research and how to structure a clinical data repositories to support SUD quality improvement projects and research studies. Mel’s regulatory health law practice focuses on compliance with data privacy and patient access laws. She assists organizations and health plans in structuring real-world policies, programs and agreements that are compliant with these laws. An active thought leader in...

Read MoreRead More