Denver HIPAA Compliance Lawyers Assisting Health Practitioners with Patient Privacy

HIPAA (the Health Insurance Portability and Accountability Act of 1996) imposes strict requirements on patient privacy and related matters. Another consequence of this legislation, however, is to open up significant legal liability for healthcare professionals. Take heart - the HIPAA lawyers in Colorado have the experience to guide you through the HIPAA compliance maze.

Schedule FREE Consultation
HIPAA Compliance Issues You May Face

HIPAA Compliance Issues You May Face

Healthcare is one of the most strictly regulated industries in the United States. As a healthcare professional, you must navigate multiple levels of regulatory restrictions relating to employment law, advertising and trade secret protection, among others. In addition, you must harmonize all of these restrictions, and you must balance compliance concerns with your organization’s business and patient care needs.

HIPAA regulations constitute what is perhaps the most complex regulatory system of all. The HIPAA law compliance attorneys at Sequoia Legal can explain the regulatory requirements in simple, easy-to-understand terms. We can also help you create policies and procedures that will keep you compliant with HIPAA. We can periodically train your staff to effectively administer your HIPAA compliance system.


Understanding the Implications
of the HIPAA Law

HIPAA is a federal statute that imposes uniform national standards of patient privacy on the otherwise decentralized US healthcare system. Its primary purpose is to prevent the disclosure of sensitive healthcare information about a patient unless the patient grants informed consent to the disclosure. The law includes several important aspects, as described below.

Understanding the Implications of the HIPAA Law

The HIPAA Privacy Rule

The HIPAA Privacy Rule is a national rule that grants a patient the right to control their own medical records. The rule places restrictions on who can receive or even view a patient’s health information. The Privacy Rule applies to patient healthcare information in any medium - written, oral or electronic.

The HIPAA Security Rule

The HIPAA Security Rule applies specifically to healthcare information stored in electronic form (on a computer, for example). It requires organizations that keep electronic copies of patient healthcare information (almost any hospital, for example) to designate someone to take responsibility for regulatory compliance as well as compliance policies and procedures. The Security Rule also requires organizations to perform a periodic security risk analysis.


The HITECH Act is part of the American Recovery and Reinvestment Act of 2009. It is designed to enforce HIPAA, and it includes the following requirements:

  • Regular audits of healthcare providers to ensure compliance.
  • Additional disclosure requirements by healthcare providers that maintain digital patient records.
  •  Prohibition against certain types of communication without notifying the patient and providing them with the opportunity to veto the disclosure.

The Breach Notification Rule

The Breach Notification Rule requires healthcare providers to notify patients when their unsecured health information is improperly used or disclosed in a manner that compromises the patient’s privacy or security. The healthcare provider does not have to notify the patient of improper use or disclosure if it can prove that such use or disclosure is unlikely to have caused any damage to the patient’s privacy or security interests.

Our Legal Services for HIPAA Privacy, Security & Compliance

Translating 115 pages of legislation into a functioning system of HIPAA compliance is no easy task - either to understand or to implement. Our medical compliance lawyers understand these requirements thoroughly, and we enjoy many years of experience in helping clients effectively implement them. Following is a very abbreviated list of how we can help you.

  • Developing training programs for employees
  • Creating or modifying billing compliance policies
  • Undertaking HIPAA compliance investigations and remedying any defects found
  • Drafting and updating security programs and policies
  • Handling reimbursement matters
  • Drafting HIPAA-compliant notices and forms
  • Preparing HIPAA-compliant contracts with business associates
  • Conducting internal risk assessments
  • Interpreting HIPAA rules and regulations
  • Advising on when breach notifications should be issued
  • Responding to patient complaints and assisting with any disputes
  • Planning in advance for investigations and audits so as to minimize legal risks

At Sequoia Legal, we are committed to resolving your compliance challenges in the most cost-effective manner possible and with a minimum of business disruption.

Who We Serve

We do not represent hospitals, Accountable Care Organizations (ACOs), Academic Medical Centers, or Allied Health Providers. We do work with the following entities and individuals, among others:

  • Durable medical equipment companies
  • Electronic medical records companies
  • Home health agencies
  • Manufacturers of drugs and medical devices
  • Medical app developers
  • Nursing homes and skilled nursing facilities
  • Pharmacies and pharmaceutical benefit managers
  • Physicians and physician groups
  • Vendors and contractors
Who We Serve

Meet Our HIPAA Attorneys

Frequently Asked
Questions (FAQs)

Who must comply with HIPAA?

HIPAA covers the following entities (known as “covered entities” under HIPAA):

  • Health plans,
  • Doctors,
  • Clinics,
  • Hospitals,
  • Nursing homes,
  • Pharmacies,
  • Healthcare clearinghouses,

HIPAA also applies to “business associates” of any of the foregoing individuals or entities--administration or claims processing entities, for example. Even data transmission services such as regional Health Information Organizations (HIOs) qualify as business associates if they require routine access to patient medical records.

What are the penalties for HIPAA violations?

HIPAA classifies violations into four categories, based on the intentions of the entity involved (unintentional, negligent, willfully negligent, and intentional) and whether the entity tried to correct the problem. Fines range from $100 to $50,000 per violation.

What does it take to be HIPAA compliant?

Your organization can become HIPAA compliant if you study the HIPAA legislation (45 CFR Parts 160, 162, and 164) and then apply the rules to your organization. It will not be easy. HIPAA legislation is a dense material, and applying the rules is more difficult than simply reading and understanding them.

What rights do individuals have under HIPAA?

Under HIPAA, patients have the right to access healthcare information about themselves that is maintained by HIPAA-covered entities or maintained by a third party on behalf of a HIPAA-covered entity. This includes not only medical records but billing records, insurance information, and other types of records. Patients are only entitled to records that are already in existence--they cannot demand the creation of new records in response to a request.

Talk To Our Denver HIPAA Compliance Lawyers Today

If you would like a Colorado HIPAA law form to help you with regulatory compliance, contact Sequoia Legal by calling (303) 476-2851 or contacting us online to schedule a consultation.

Select from the list

Thank you!
Your Submission Has Been Recieved
Oops! Something went wrong while submitting the form.

Denver Office

7355 E. Orchard Rd., Suite 375 Greenwood Village, CO 80111

*by appointment only

Office Hours

Mon - Fri
9am - 5pm
Call For Off-Hour Appointments

Licensed in New york, Colorado, & Alaska with an international flair

What Our Clients Say


Marcus F.

Sequoia Legal found subtle legal loopholes in some of our confidentiality agreements that could have spelled disaster for our small business. Fortunately, with the help of Sequoia Legal, we were able to get these leaks plugged before they did any serious damage to our company.


Cyndi S.

Our company operates in a highly regulated industry. Sequoia Legal has been our go-to law firm for years now. I am happy to say that we have never suffered a serious regulatory noncompliance problem, and Sequoia Legal has quickly resolved the few minor problems that did arise.


Jake D.

Our company’s trade secret protection system was a ticking time bomb waiting to explode. Sequoia helped us revamp the system so that it complies with both state and federal law. I cannot recommend their services highly enough.


Teresa M.

We ran into a hit on the SDN list. It turned out to be a case of mistaken identity, and Sequoia Legal helped us resolve the issue in a quick and cost-efficient manner. Very professional and knowledgeable.


Mike C.

A couple of years ago, our company had no compliance program to speak of, and we were barely aware of the existence of OFAC regulations. Sequoia Legal helped us get our house in order, and we have had no problems since then.


Jacqueline K.

We contacted Sequoia Law after an internal audit revealed that our company had inadvertently committed two substantial OFAC violations over the past two years. We chose the path of voluntary disclosure to OFAC and received lenient penalties. Many thanks to Sequoia for their adroit handling of the matter.


Wilson B.

We are an out-of-state company that hired Sequoia Legal to crack down on some Colorado companies that were blatantly infringing our trademarks and software copyrights. Sequoia Legal shut them down in a matter of weeks and secured generous compensation for our damages.`Sequoia Legal epitomizes professionalism.


Walter R.

Our previous attorney had drafted us NDAs that were so full of holes that it left unscrupulous former employees almost complete freedom to deal with our trade secrets as they wished. Sequoia Legal helped us plug those loopholes and prevent further leakage of valuable trade secrets. I can’t recommend them highly enough.


Grace F.

We hired Sequoia Legal to help us organize and protect our intellectual property needs. They identified problems we didn’t even know we had, and they helped us head off serious oversights that might have bankrupted our company if we hadn’t caught them in time.


Gary D.

Sequoia Legal has been helping us with regulatory compliance matters for years now. So far, we have not had a single complaint lodged against us by any patient or entity, and no enforcement actions have been implemented or threatened. I can’t praise them enough.