Medical records are a vitally important part of any litigation that involves a person's injury or wellbeing. However, at the same time a person has the right to keep their health information private, and laws have been enacted that protect the personal health information of individuals. On the federal level, the government has enacted HIPAA, and on the state level the Texas Medical Records Privacy Act and Texas HB 300 have added additional safeguards to health information. If you are involved in litigation where your medical records are necessary, you should know your rights under the law and put your trust in an experienced law firm that protects the confidentiality of its clients.

Health Insurance Portability and Accountability Act (HIPAA)

Federal HIPAA law requires health care providers, including mental health care providers, protect the privacy of patient records, history, and health information. HIPAA rules apply to health care providers, health care plans, and any other entities that process health care insurance claims. Business associates of these entities that receive private health information must also comply with HIPAA rules.

HIPAA also enacted a Privacy Rule, Security Rule, and Breach Notification Rule for entities and business associates who come in contact with private health information.

Privacy Rule: This rule gives consumers rights over their health information as well as sets limits on who can look at and receive a consumer's private health information. It applies to written and electronic records.

Security Rule:

This rule protects private health information in electronic form and requires entities covered by HIPAA to maintain reasonable safeguards to ensure that the information stays secure.

Breach Notification Rule: This rule requires HIPAA covered entities and business associates to provide notice to affected consumers if their private health information has been breached.      In addition, HIPAA also provides that if a state law enacts more privacy protection to its citizens' private health records, the state law will apply.

Texas HB 300

Amending the Texas Medical Records Privacy Act, Texas HB 300 was made effective on September 1, 2012. This law gives additional protection to consumers and their private health information in Texas.

The Act is broader than HIPAA because it applies to health care providers, health plans, and other entities that process health care insurance claims in addition to any individual, business, or organization that obtains, stores, or possesses private health information. The Act also applies to any agent, employee, or contractor of any entity covered under the law if they create, receive, obtain, use or transmit a consumer's private health information.

How These Laws Affect Texas Attorneys

Under the amended rules of Texas HB 300, law firms in Texas that deal with clients' private health information are considered covered entities. Law firm attorneys, staff, and other employees are considered business associates and the new laws also apply to them. The rules apply to any law firm that handling medical records, health insurance records, or healthcare billing records as private entities. Under Texas HB 300, they must all comply with the new requirements and can be subject to the same penalties as other covered entities.

Law firms and their business associates that engage in the use or storage of private health information must take appropriate safeguards to comply with Texas HB 300. Policies and procedures regarding the storage, destruction, data encryption, user IDs, and passwords must be updated to meet the standards of the new laws.

How Our Firm Protects Your Confidential Health Information

Our employees receive training regarding state and federal law regarding health information as it relates to the legal profession and our normal course of business.

• HIPAA training for our employees not only educate our staff about what state and federal law on this matter is all about- we specifically ensure employee's receive training related to their scope of employment.
• Our employees receive this training within the first 60 days of employment
• We do not “sale” protected health information to others.
• Electronic records are password protected
• Our firm uses virus protection software and other safeguards on our computers.

If you are involved in litigation that requires the use of protected health records, including but not limited to, medical records, psychiatric records, or dental records, you can rest assured that we take the necessary steps to protect your confidential information.  Our firm is not only dedicated to zealous advocacy for our clients we are also committed to protecting confidential information.