We Love What We Do
DMC Law provides client-centered service by acting as a trusted advisor, taking the time to understand each client’s business and goals, and collaborating with experienced, like-minded attorneys to advance the client’s best interests. For matters outside our areas of practice, we help identify trusted professionals from our established network—selecting those best suited to assist based on our deep understanding of the client and their objectives.
Health Privacy
- Advise on compliance with various state and federal health privacy laws including HIPAA, 42 CFR Part 2 and applicable state laws.
- Monitor the health privacy regulatory landscape for changes, governmental guidance or enforcement initiatives. and other important developments and counsel clients on the impact of such developments.
- Respond to state and federal complaints relating to alleged health privacy violations.
- Investigate health privacy compliance matters, make breach determinations, recommend corrective action and handle breach reporting and notification.
- Establish health privacy and security compliance programs including drafting and implementing policies and procedures and developing customized education for staff.
- Train on general compliance as well as targeted areas of need (e.g. minimum necessary, right of access, HIPAA Security Rule, etc.).
- Assist business associates with establishing HIPAA-compliant policies and processes necessary to do business with healthcare providers and other HIPAA-covered entities.
- Perform Business Associate Agreement audits.
- Counsel on subpoena response and prepare providers for testimony.
Healthcare Operations/Outside General Counsel
- Advise healthcare providers on a broad range of regulatory compliance, risk management, licensure, Medicare and Medicaid, contract, and day-to-day operational issues.
- Counsel clients on providing telehealth services.
- Respond to government investigations and inquiries.
- Represent providers before state and federal administrative agencies.
Health Tech
- Analyze whether an organization qualifies as a covered entity, business associate or other regulated entity and identify corresponding federal health privacy regulatory obligations.
- Prepare and negotiate Business Associate Agreements that meet business goals while maintaining regulatory compliance.
- Draft or revise HIPAA-compliant policies, procedures, and workforce training materials.
- Advise on investigation, mitigation, and breach notification obligations following a suspected or confirmed security incident involving health information.
- Provide guidance on HIPAA-compliant methods for data use, sharing, and de-identification.
- Provide ongoing legal support as products and services evolve, business models shift, or regulations change.
Behavioral Health Clinicians and Practices
- Draft therapy services agreements, telehealth consents, Good Faith Estimate documentation, and other intake forms tailored to the provider’s services, setting, and patient population.
- Provide legal guidance on privacy and confidentiality requirements, including policies, breach response, and compliant information sharing under state and federal law.
- Advise on the legal considerations of day-to-day operational issues including documentation, treatment planning, patient discharge, and managing high-risk clinical situations.
- Guide appropriate responses to patient requests for records, subpoenas, court orders, and law enforcement inquiries in compliance with Connecticut and federal law.
- Counsel on telehealth services to ensure compliance with licensure, privacy, consent, and prescribing rules specific to Connecticut.
- Advise on multi-state licensure compact rules (see Part 1 and Part 2 blog posts)
