Ask the Expert

When to seek legal consultation for HIPAA

Is it reasonable to think that a private medical practice with a total of 18 employees can meet all the requirements of HIPAA without hiring expensive outside consultants? At what point (if any) should we have legal consultation. Thank you!

    Requires Free Membership to View

Given the right tools, a fair amount of time and the budget to make it happen, I certainly believe it is reasonable to accomplish this internally. Keep in mind that not *all* outside consultants are expensive. You should be able to find some in your area that can do the work for a reasonable fixed cost so you don't have to worry about it getting out of control financially. Long term, given employee training, books and other tools that you will end up needing to purchase, not to mention pulling employees away from what they normally do on a full-time basis, it could very well be cheaper to outsource. At a minimum, you should consider getting legal counsel to review your HIPAA-mandated privacy and security policies to ensure they are reasonable and enforceable.

For more information on this topic, visit these other resources:
Featured Topic: HIPAA update
Commentary: HIPAA compliance doesn't come in a box
Best Web Links: Securing Health Care/Health Services

This was first published in December 2002

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: