Complying with the "Minimum Necessary" Standard of the HIPAA Privacy Rule

The minimum necessary standard, a key protection of the HIPAA Privacy Rule, mandates that protected health information should be used or disclosed only to satisfy a particular purpose or carry out a particular function. Complying with the minimum necessary standard poses particular challenges to law firms, often forcing them to modify practices for collecting client information and securing it throughout the matter life cycle.

This presentation explains why the minimum necessary standard is important and how it impacts common law firm operations. Suggested processes, procedures and technologies to satisfy compliance obligations will be provided.