Health Data Literacy for Attorneys: Privacy, Security, Breaches, Ethical Considerations and So Much More

Organizations that collect, maintain and use health data are subject to state and federal health information privacy and security laws, including the Health Information Portability and Accountability Act of 1996 and its implementing regulations (collectively, “HIPAA”). In this presentation, the speakers will discuss:

• What attorneys need to know about their own compliance with health data privacy and security laws, including how compliance with these laws intersect with an attorney’s ethical duties.
• HIPAA compliance issue spotting for attorneys that represent clients that operate in the health care space to avoid common mistakes and pitfalls with using health data in litigation actions and transactional matters. 
• Recent enforcement actions and liability risks associated with non-compliance with these health data privacy laws.
• Ethical and practical approaches attorneys and their clients may take in preventing and addressing security events, particularly when working in remote environments. 

 
Laws that will be covered during this presentation include:

• HIPAA
• 42 USC 290dd-2 and its implementing regulations at 42 CFR Part 2 (the federal Confidentiality of Patient Substance Use Disorder Records regulations) 
• Arizona state health information privacy laws and breach notification rule
• The Federal Trade Commission (FTC) Breach Notification Rule
• Other state data privacy laws, such as the California Consumer Protection Act (CCPA)

Chair: 
Melissa Soliz, Coppersmith Brockelman

Faculty: 
Christopher Bender, HKA
Michael Corcione, HKA
Bradley Perry, State Bar of Arizona