Scott Bennett Educates Healthcare Risk Management Readers on Importance of Timely Access Request Responses for HIPAA Compliance

Following the Office for Civil Rights’ (OCR) report to Congress that revealed a 61% increase in HIPAA breaches affecting more than 500 people in 2020, Healthcare Risk Management turned to Scott Bennett for specific actions healthcare organizations should take to avoid complaints surrounding patient access and disclosure requests. Scott encouraged healthcare providers to continuously educate their personnel on the unique requirements and differences between the two types of requests and suggested supplying them with actionable guidance documents to use between trainings. Ensuring every access request is logged and receives a response within 30 days, as HIPAA mandates, will prevent OCR enforcement actions. Scott also recommended healthcare entities conduct a wide-scale security assessment that extends to every piece of hardware and software that touches electronic PHI. A leading...

Read MoreRead More
Scott Bennett Helps In Business Readers Prepare for Pending Consumer Privacy Laws

Scott Bennett Provides In Business with Employee-Focused Strategies for Preventing Workplace Cyberattacks

Focusing its recent cover story on key legal issues businesses face, InBusiness Phoenix turned to Scott Bennett to address the growing risk cybersecurity attacks present and how to mitigate them. Because hacking attempts are increasingly discreet and sophisticated, employees are often a business’s biggest cybersecurity risk. The majority of cyberattacks are the result of human error, such as clicking on a spam email link, and Scott urged businesses to host employee ransomware and cybersecurity training on an ongoing basis instead of only during onboarding. A workforce that is well educated on detecting suspicious emails, setting strong passwords and ensuring private files are encrypted will help keep hacks to a minimum. With deep expertise in data privacy and security, Scott assists businesses in health care and other industries...

Read MoreRead More
Jill Chasson Highlights Need for Anti-Harassment, Conflict of Interest Policies in Arizona Capitol Times

Jill Chasson Outlines Key ADA Medical Data Privacy Requirements in DataGuidance

With COVID-19 and the Omicron variant affecting many employers’ timing and conditions for bringing some or all employees back to the office, OneTrust Data Guidance turned to Jill Chasson for insight into important COVID-19 legal provisions and privacy considerations. Because employers may have access to employees’ screening, testing and vaccination medical information, it’s important to understand Americans with Disabilities Act (ADA) confidentiality requirements. Jill outlines steps employers must take to separate and protect medical information, as well as limited exceptions. She also addresses reasonable accommodations employers may need to make to reduce COVID-19 risk for employees with medical conditions or disabilities. Well versed in the many federal and state laws that govern the workplace, Jill regularly conducts internal investigations and works with employers to resolve difficult workplace issues....

Read MoreRead More
ASU College of Health Solutions Lauds Mel Soliz’s Contributions to MDC Advisory Board

Mel Soliz Educates Clinical Researchers About Data Privacy Compliance for Substance Use Disorder Studies

Knowing federal health information privacy laws can open doors to different types of data, the Phoenix Association of Clinician Researcher Professionals (ACRP) Chapter tapped attorney Melissa Soliz to educate substance abuse disorder (SUD) researchers about privacy laws at the Embracing Change Conference for Clinical Research. In “Got SUDs?: Using Substance Use Disorder Data for Research,” Mel explained how to comply with HIPAA and 42 C.F.R. Part 2 for SUD data research and how to structure a clinical data repositories to support SUD quality improvement projects and research studies. Mel’s regulatory health law practice focuses on compliance with data privacy and patient access laws. She assists organizations and health plans in structuring real-world policies, programs and agreements that are compliant with these laws. An active thought leader in...

Read MoreRead More
Kristen Rosati Reviews a Year of Health Law Updates for AHLA’s Annual Meeting

Kristen Rosati Educates National Academies of Sciences, Engineering and Medicine about Patient Rights and Data Privacy

Looking to help oncology workshop attendees understand updates to patient privacy and data rights, the National Academies of Sciences, Engineering and Medicine turned to prominent “Big Data” and HIPAA compliance attorney Kristen Rosati. Kristen spoke during the two-day event: “Opportunities and Challenges for Using Digital Health Applications in Oncology: A Workshop.” Her presentation, “Legal Considerations – Patient Privacy and Data Security,” focused on ethical, security, governance, and payment issues with digital health applications and taught attendees about patients’ right of access to health information and new information blocking and interoperability rules. 2021 The Best Lawyers in America© and Phoenix Health Care “Lawyer of the Year,” Kristen has deep experience in data sharing for research and clinical integration initiatives, health information exchange, and clinical research privacy. She is...

Read MoreRead More
Scott Bennett Helps In Business Readers Prepare for Pending Consumer Privacy Laws

Scott Bennett Helps In Business Readers Prepare for Pending Consumer Privacy Laws

With the passage of several data protection and privacy laws, both domestically and abroad, businesses should prepare for a federal privacy law that may be on the horizon. Writing for In Business, Scott Bennett outlines actions companies should take to assure customers everywhere that their information is secure. Scott says three steps are of paramount importance: Create and/or update privacy policies – Organizations must have an easily accessible policy that outlines how they keep their customers’ information secure, what they do with it and how long it is kept. Template policies are a good place to start, but companies should tailor them according to their practices. Establish data mapping protocols – Data mapping examines all data a company collects, where it is located and what is...

Read MoreRead More