Data Security & Patient Privacy

In today’s heightened regulatory environment, healthcare providers and their business associates face a complex array of federal and state privacy rules established to safeguard patient health information. To navigate these regulations, they turn to Waller.

For compliance with HIPAA and state regulations governing protected health information, Waller is a trusted advisor to ambulatory surgery centers, behavioral healthcare companies, healthcare REITs, hospitals and health systems, pharmaceutical manufacturers, pharmacy benefits managers, physician practice groups, urgent care centers and other healthcare providers, as well as the companies with which they work - revenue cycle management firms, private payors, insurance brokers and other outside consultants. By understanding both the operations and objectives of our clients, we are able to help them focus on providing high-quality care in an increasingly demanding environment for patient privacy and data security.

Our services include:

• Development of comprehensive patient privacy policies and procedures
• HIPAA privacy and security rule advice
• Gap analysis for the implementation of patient privacy and data security systems
• Analysis and preparation of Business Associate agreements and amendments
• On-site HIPAA training
• Analysis of ownership and compliant use of health data
• Internal investigations of security incidents to determine whether PHI was compromised and analysis of potential data breaches
• Determination of data breach notifications required by the Department of Health and Human Services and state attorneys general
• Assistance with data breaches including those with more than 500 patients which require public disclosure and other response measures under federal law
• Analysis of potential patient privacy and data security issues in acquisition targets and structuring contractual indemnifications around data breaches