September 01, 2017

HIPAA Framework Considerations in a Merger or Acquisition: A Practical Guide

Amy Papsun, Quartz Health Solutions, Inc., Sauk City, WI

Although the Health Insurance Portability and Accountability Act of 1996 (HIPAA)1 may not be at the top of mind during a merger or acquisition, privacy and security counsel in a healthcare transaction is essential to ensuring that the business meets its goals and stays compliant with HIPAA regulatory obligations. This article outlines items to consider during the mergers and acquisitions (M&A) process to ensure that protected health information (PHI) is safeguarded. Whether the transaction is among multiple covered entities (e.g. a provider system with clinics, hospitals, and a health plan), or a mix of covered entities, hybrid entities, and non-covered entities, careful consideration needs to be taken before choosing a framework to remain compliant with HIPAA. The following sections address pre-close and due diligence considerations, compare three approaches to crafting a framework, and evaluate positives and negatives of each one. 

Premium Content For:
  • Health Law Section
    • ABA Health eSource
Join - Now