With the number, scope and impact of healthcare data breach incidents constantly increasing, it is imperative for companies to create a proactive and vigilant healthcare data protection strategy to adequately defend against exposure to risk. Several of the country’s largest healthcare systems and numerous other healthcare companies have turned to Bass, Berry & Sims for assistance in responding to high-stakes breaches that required board and senior executive level involvement. Our Healthcare Data Breach Protection & Response practice has developed best-in-class data breach plans and resolution services to help clients mitigate risks in these volatile situations.
Our practice is led by data privacy and security members with decades of healthcare experience, attorneys from our Healthcare Fraud Task Force, and leaders in our HIPAA compliance area. As the fourth largest healthcare firm in the nation, we are able to immediately deploy an arsenal of attorneys and data technologists for data reviews when a mega breach occurs. With a former state and federal prosecutor of 20 years co-chairing the practice, as well as other experienced investigations attorneys, we are well positioned to engage in discussions and negotiations with the government when the need arises.
Our Healthcare Data Breach Protection & Response team stays abreast of developing technologies and current trends to help our healthcare clients control an exponentially increasing amount of electronic data before disputes arise and to add efficiency, accuracy and consistency throughout all phases of data procurement, management and storage.
With regard to HIPAA/HITECH specifically, we regularly counsel healthcare providers on the increasingly stringent federal laws and regulations related to HIPAA compliance and the privacy and security of personal health information, including federal and state security standards, business associate standards, and breach reporting requirements. We navigate state and federal requirements related to responding to data breaches and preventing identity theft, implementing necessary policies and ensuring additional mitigation steps are fulfilled. We also counsel clients with respect to the use of mobile devices, including physician use of mobile devices to transmit and access electronic patient records.
In addition to our attorneys, Bass, Berry & Sims has a dedicated team of data technology professionals to collaborate with clients on all technical matters related to data management and preservation, document retention, and litigation readiness. With an eye toward cost containment and appropriately applying proven – yet new – technologies, the team ensures the firm offers innovative and effective solutions to clients in managing the volume, complexity and expense of electronic data. The Healthcare Data Breach Protection & Response team utilizes all available mechanical knowledge and resources of our data technology team to provide holistic strategies and practical solutions to our clients.
Our clients include publicly traded healthcare systems, regional and national not-for-profit systems, large hospitals, and healthcare companies with multiple facilities and large networks. Some examples include:
- National healthcare and hospital systems with dozens of facilities across multiple states
- Healthcare and hospital systems with facilities in the majority of counties in specific states/regions
- Healthcare networks offering community-based hospice and home healthcare services with 100+ branches
- Surgery center management companies with more than 200 ambulatory centers
- Operators of senior living and retirement communities with 1,000+ locations
- Large specialty care practices ranging from orthopedic centers to behavioral/substance abuse clinics
- Healthcare technology companies
- Global pharmaceutical and biotechnology companies
- Large medical supply and equipment companies
- National health plan and managed care providers