Health Information Exchange

Our approach

Federal and state regulations regarding Health Information Exchanges (HIEs) and Health Information Technology (HIT) are still being defined. This uncertainty presents new opportunities in health care, as well as a variety of legal issues that crop up when patient information is managed or exchanged digitally. We have the hands-on experience and deep regulatory knowledge necessary to help our clients address those concerns, protect their assets and maintain high standards of quality, safety and efficiency. And our deep bench of legal counsel means we can offer a full spectrum of services in this sector, including regulatory advice and intellectual property and nonprofit organization counsel.

We work with Regional Health Information Organizations (RHIOs) and statewide Health Information Exchanges (HIEs) on corporate formation and governance, privacy and security compliance and implementing gateways for electronic prescribing and interoperable electronic health records. IT developers and end users face other unique issues and we counsel them in network security, privacy and identify theft concerns, regulatory compliance, and insurance issues and help them build thorough business associate agreements and vendor contracts.

Who we work with

• Regional Health Information Organizations (RHIOs), Health Information Exchanges (HIEs) and their stakeholders
• Behavioral Health and Substance abuse treatment providers (under 42 CFR Part 2)
• Software vendors, EMR vendors
• E-prescribing gateways
• Personal health record (PHR) vendors
• Health Information Technology and medical record developers and end users
• Health care providers participating in an HIE and RHIO

Recognition

• Recognized by Chambers USA as a nationwide leader in the Field of Privacy Law
• The Rhode Island Department of Health Founder’s Award, the Rhode Island Attorney General Justice Award and the Rhode Island Department of Health Award for Excellence in Public Health Promotion

Recent experience

• Serving as general counsel to the Rhode Island Quality Institute (RIQI), the first RHIO to implement a stringent privacy and security legal framework for its HIE and implement an opt-in consent for HIE participation. RIQI is the only entity in the country that received all three federal grants from the Office of the National Coordinator related to the implementation of health information technology, including the Regional Extension Center grant, the Health Information Exchange grant and the Beacon Communities grant.
• Helped several HIEs and RHIOs prepare governance policies and procedures, developing and implementing data sharing partner and use agreements, authorization forms and consent models
• Assisted several behavioral health and substance abuse treatment providers with helping them to figure out/navigate how to comply with stringent laws and regulations protecting the use and exchange of behavioral health and substance abuse treatment information
• Worked with the Massachusetts Center for Health Information and Analysis to develop privacy and security policies related to the statewide All-Payer Claims Database and providing them with ongoing privacy and data security counsel
• Assisted multiple software vendors and electronic medical record providers with legal issues in the exchange of health information, including patient portals, privacy and security practices and procedures, agreements with providers and HIEs and patient participant agreements
• Participated in the Health Information Security and Privacy Collaboration (HISPC), a project funded by the National Governor's Association to develop best practices for the exchange of health information across state lines