HIPAA Expert Witness

HIPAA Privacy Rule and HIPAA Security Rule

Data Privacy in Healthcare
Data privacy in healthcare requires an understanding of HIPAA and HITECH Act Safeguards

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets the Standard for privacy and security in healthcare.

Data privacy is intangible, but failure to prevent data privacy attacks could cause tangible outcomes.

If you run a healthcare business, ask us about Information Safeguards. We’ll tell you how to meet the Standards.

Healthcare Privacy Imperatives

Companies face new industry-specific data protection regulations, and customers are more informed about privacy rights. As a result, developing a privacy competence has never been more critical. Continuous data compliance delivers multiple benefits, but companies that keep initiatives within siloed ‘borders’ and only react to unforeseen events will fail.

Healthcare is a data-driven business, so healthcare privacy is critical. We evaluate data privacy compliance in a shifting healthcare regulatory landscape. A data privacy focus on information safeguards, physical safeguards, and technical safeguards, as well as on policies and procedures and the methods that drive updates to them, is essential.

Use of Data and Maintaining Data Privacy

The conundrum: to gain knowledge, data must be shared and analyzed, yet it must be kept private. Digital paternalism in medicine has sometimes protected information that should be shared, and at times negligence has allowed information that should be kept private to be disclosed. HIPAA provides a robust framework. In our experience, those who don’t take time to understand it want to assail it. HIPAA provides a balance between sharing and maintaining privacy. Here are two in-context examples.

Electronic Health Records, IoT and IoMT

Meaningful Use of electronic health records under the HITECH Act has digitized healthcare. Data acquisition via provider-entered progress notes is being augmented with embedded software and devices to cover a larger spectrum of healthcare. The Internet of Things (IoT) is used to integrate, receive, use, and disclose healthcare data. Moreover, the Internet of Medical Things (IoMT) is expected to be a $158 billion market by 2022. Without an in-depth understanding of healthcare privacy Safeguards, privacy breaches can occur at the speed of light.


Telemedicine utilizes patient protected health information (PHI) for remote care with a clinician. So-called “HIPAA Compliant” telemedicine platforms are used sporadically in our view. Consumer-friendly methods such as FaceTime and Zoom are easy to use and are sometimes turned to in the moment of a patient encounter when the healthcare data privacy platform fails. As a result, data privacy might get compromised in this telemedicine scenario.

HIPAA Expert Witness Michael F Arrigo