Sarah E. Coyne quoted in article “Business Associate Liability: HIPAA’s New Hazard”Counsel to Counsel E-Magazine 12/01/10
Enacted in 1996, HIPAA’s regulations have rolled out in waves. Privacy rules went live in 2003, security requirements in 2005. At each step, companies had to change the way they thought about health care to be in compliance.
“One big challenge for in-house counsel was understanding that everybody’s group health plan was a covered entity, and they had to do health plan compliance,” says Sarah E. Coyne, who chairs the health law group at Quarles & Brady LLP. “It was a hard message to get out. The same concern applies to business associates, whether they’re people in the business of shredding paper or making bicycle parts. They’re not used to thinking of themselves as a regulated health care entity.”
Originally published in Counsel to Counsel E-Magazine, Winter 2010