Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

Erin Dunlap Discusses Recognized Security Practices for Complying with HIPAA Safe Harbor Law in Healthcare Risk Management

Although the 2021 HR 7898 HIPAA Safe Harbor law grants entities some protection against hefty HIPAA penalties, there are security nuances that risk managers and compliance officers must consider. Erin Dunlap provided Healthcare Risk Management with insight into how organizations can leverage security and risk management practices to reduce penalties from HIPAA-related investigations. HIPAA-covered entities have some flexibility in determining their recognized security practices, but Erin recommended they consider the NIST framework and HHS cybersecurity guidance for healthcare entities. Organizations that can show compliance with these industry-recognized standards and approaches in the previous 12 months may see a favorable termination of an investigation or may be granted leniency toward fines and penalties by the U.S. Department of Health and Human Services, Office for Civil Rights. With a...

Read MoreRead More
Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

Erin Dunlap Guides Healthcare Risk Management Readers Through Revising HIPAA Patient Access Policies If Proposed Changes are Finalized

Following proposed changes to the HIPAA Privacy Rule from the U.S. Department of Health and Human Services (HHS) that left health plans and covered healthcare providers wondering how to prepare, Healthcare Risk Management turned to Erin Dunlap for insight. Explaining that patient access will be a key area of focus, Erin outlined eight ways patient access policies will need to be revised if HHS finalizes the changes. Erin also noted that revisions to a covered entity’s notice of privacy practices will also be necessary if the changes are finalized and urged plans and providers to prepare and budget for significant policy work and training. A nationally recognized expert in health care data privacy and security, Erin regularly advises organizations working in the health care space on a...

Read MoreRead More
Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

When the Fifth U.S. Circuit Court of Appeals overturned a $4.3 million civil monetary penalty imposed on the University of Texas M.D. Anderson Cancer Center by the U.S. Department of Health and Human Services (HHS), Healthcare Risk Management asked health care data privacy attorney Erin Dunlap to explain how the decision may impact HIPAA covered entities and business associates. Erin called the decision a “game changer,” particularly in how entities subject to HIPAA will view HIPAA’s encryption rule, evaluate a loss of protected health information (PHI) and engage with HHS in setting investigations.  Erin specifically highlighted the Fifth Circuit’s position that the encryption specification was not a strict liability rule and perfection or ‘bulletproof protection’ is not the standard.  This is helpful for HIPAA covered entities...

Read MoreRead More
Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

Erin Dunlap Educates Healthcare Risk Management Readers on HIPAA Requirements and Most Critical Compliance Steps

After a small orthopedic clinic in Georgia was fined $1.5 million for HIPAA violations, Healthcare Risk Management turned to health care and data privacy attorney Erin Dunlap to share what smaller providers can do to protect themselves from cyber risk and government enforcement. Erin, a nationally recognized expert in health care data privacy and security, explains that although the HIPAA Security Rule has existed for nearly 20 years, many smaller healthcare providers lack adequate security measures to protect against increasingly pervasive cyber risk. She advises providers to conduct a risk analysis — which is the first critical step in meeting HIPAA security requirements and can be done internally or by an outside vendor. If resources are limited, she points providers to the Security Risk Assessment Tool that...

Read MoreRead More
Erin Dunlap Provides Insight on Overturned HIPAA Penalty for Healthcare Risk Management

Data Privacy Expert Erin Dunlap Joins Coppersmith Brockelman

We are thrilled to announce that Erin Dunlap, a top-notch data privacy lawyer who has served the firm as an affiliate attorney since 2017, has at last succumbed to our pleas that she join us in a more formal capacity and has accepted an Of Counsel position with the firm.  Erin is a key player in our nationally recognized health care and data privacy and security practice areas. For over a decade, she has advised clients in the health care industry on data privacy and security issues under HIPAA, 42 C.F.R. Part 2, state privacy laws, TCPA, CAN-SPAM and Section 5 of the FTC Act. Before that, she was a successful health care litigator, representing clients in federal and state courts and before arbitrators, government agencies...

Read MoreRead More
Melissa Soliz and Erin Dunlap Discuss Healthcare Records Access During State Bar of Arizona’s Workers’ Compensation Program

Melissa Soliz and Erin Dunlap Discuss Healthcare Records Access During State Bar of Arizona’s Workers’ Compensation Program

Melissa Soliz and Erin Dunlap recently shared their expertise in health care data privacy in a presentation to fellow lawyers at the State Bar of Arizona’s annual Workers’ Compensation Program in Prescott.  The presentation began with an overview of HIPAA, breaking down relevant HIPAA exceptions related to workers’ compensation cases. Mel and Erin then provided historical background on 42 C.F.R. Part 2, which regulates substance use disorder records, explaining how to determine if Part 2 applies to workers’ compensation issues. They also touched on considerations related to state privacy laws and shared case examples to illustrate how a real workers’ compensation situation could play out. The presentation triggered interesting dialogue among the attendees, highlighting the importance of this topic in the worker’s compensation context.    Melissa focuses her practice on...

Read MoreRead More