Morgan Lewis

HIPAA Compliance and Healthcare Privacy Issues

Increasingly, our clients have begun to deal with the vast array of rules and regulations governing the privacy of information. These rules often affect an organization as it interacts with its employees, customers, service providers and vendors. The rules and regulations that can apply to an organization include the privacy rules of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Gramm-Leach-Bliley Act, and the European Union Data Protection Directive.

With respect to compliance with privacy rules by employers, union associations and group health and welfare plans, we can assist a client with all aspects of compliance, including gathering information about the sources of private information, developing privacy procedures, notices and other written materials, amending plan documents and service provider agreements, training employees on the use and disclosure of private information, and monitoring ongoing compliance.

Several members of the Employee Benefits Practice are also members of a firm-wide task force on privacy, which also includes attorneys who practice in the FDA/Healthcare Regulation Practice, the Financial Institutions Regulatory Practice, the Labor and Employment Practice, the Tax/Health Law Practice, and the Technology Transaction Group. The members of the task force have assisted a wide variety of clients with privacy issues, including health care organizations, nursing homes, physicians, medical device companies, drug manufacturers, banks and insurance companies, casinos, real estate management firms, multi-employer health plans and self-insured and insured health and welfare plans.