You can only gain access to certain items and special pricing if you have logged in. Login Now.

MAY 1: Beyond The Legal Requirements: Key Practical Issues in Negotiating Business Associate Agreements, Responding To A Breach of Unsecured PHI, And Understanding HHS Enforcement

Phil Gordon, Littler Mendelson

Electronic (digital download/no shipping)

Affiliate Member, For-Profit Member, Government Member, Guest, Individual Member, Non-Profit Member, NonMember, Student, eMember - $30.00
Gold Premium Member, Platinum Premium Member - $0.00


Applying the plain language of the HIPAA/HITECH regulations might help your organization achieve minimal legal compliance, but it may not adequately protect your organization against legal and business risk. This presentation explores lessons learned from more than a decade of negotiating business associate agreements and from handling dozens of security incidents. More specifically, the presentation will address the provisions of business associate agreements that really matter and how to get the contract language that best protects your organization, whether your organization is a covered entity negotiating with a business associate or a business associate negotiating with a subcontractor. This presentation also will address some of the toughest issues surrounding security incident response, such as whether a compromise has occurred and how to use law enforcement involvement to your organization’s advantage. The presentation will conclude with a review of recent HHS enforcement activity and its practical implications for both covered entities and business associates. Speaker bio: Philip L. Gordon is a shareholder in the Denver office of Littler Mendelson, P.C., the nation’s largest law firm representing only management in employment and labor law matters. He is the Chairman of the Firm’s Privacy and Background Check Practice Group. Mr. Gordon regularly counsels health care providers, plan sponsors and business associates on the full range of HIPAA compliance issues, from policy drafting to negotiating business associate agreements to security incident response. His practice also focuses on the full range of other privacy and data protection issues, including background checks; monitoring employees’ electronic communications and social media activity; developing “bring-your-own-device” (BYOD) programs, regulating new technologies in the workplace; and compliance with federal, state and international data protection laws. Mr. Gordon sits on the Advisory Board of BNA’s Privacy and Security Law Report and has served on the Editorial Board and Education Advisory Board of the International Association of Privacy Professionals. His blog on privacy issues is located at He is a graduate of Princeton University and New York University School of Law and has taught privacy as an adjunct professor at the University of Colorado School of Law.

Product Details:

Product ID: WEB-23
Publication Year: 2014