HIPAA and Data Privacy Compliance in Healthcare Litigation

BarbriSFCourseDetails

BarbriPdBannerMessage

campaign

Welcome! Strafford is now BARBRI! The expert courses you know from the trusted global leader in legal education.

Course Details

Course Information

smart_display Format
Live Online with Live Q&A
signal_cellular_alt Difficulty Level
Intermediate
work Practice Area
Health

Date & Time

event Date
Wednesday, October 8, 2025
schedule Time
1:00 p.m. ET./10:00 a.m. PT
timer Program Length
90 minutes

Credit Information

This 90-minute webinar is eligible in most states for 1.5 CLE credits.
Choose a State

Live Online

On Demand

$297.00

This course is $0 with these passes:

CLE

ALL

This CLE course will guide healthcare counsel advising providers on complying with the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state privacy laws when asked to produce health information as a part of pending litigation. The panel will discuss what qualifies as protected health information (PHI) and is subject to HIPAA, what health information does not qualify as PHI but may still be subject to other federal and state privacy laws, and best practices for remaining compliant when responding to subpoenas, court orders, and discovery requests.

Faculty

Eliot T. Burriss

Partner

Faegre Drinker Biddle & Reath LLP

Mr. Burriss represents clients in sophisticated litigation matters, with a scope that includes derivative actions, M&A disputes, software license and data breach litigation, antitrust litigation, and trade secret litigation. He also has extensive experience litigating matters that arise under the Employee Retirement Income Security Act (ERISA), including 401(k) litigation, employee stock ownership plan (ESOP) litigation, and representing some of the world’s largest health plan administrators and insurers, advising on a variety of litigation matters, including anti-fraud litigation, provider disputes and regulatory issues.

expand_circle_down Expand to View Full Bio expand_circle_up Collapse Bio

Description

Requests for health information during litigation require counsel and healthcare providers to understand whether the information requested qualifies as PHI and is subject to HIPAA requirements, or even if it does not qualify as PHI, what other federal and state privacy protections may govern the information's production given the rapid expansion of data privacy regulation.

Additionally, counsel must evaluate whether the form of the request is proper and complies with federal and state law, whether the scope of information sought is appropriate, and whether all procedural requirements were met. Providers must avoid releasing more information than necessary.

Listen as our expert panel discusses strategies for ensuring compliance with HIPAA and other federal and state privacy laws when producing medical records or other health information during litigation and discovery. The panel will explain best practices for responding to subpoenas, court orders, and discovery requests seeking this information, drafting and implementing qualified protective orders, and crafting authorizations for the release of health information.

Outline

I. Introduction: overview of federal and state privacy laws regulating the handling of health data

A. HIPAA

B. Other federal regulation

C. State privacy laws

II. Evaluating types of information requests and differing compliance requirements

A. Subpoenas

B. Court orders

C. Discovery requests

III. Remaining compliant when responding to requests for health information

A. What health information qualifies as PHI?

B. What health information does not qualify as PHI but may still be subject to privacy laws?

C. Determining scope of response required

D. Qualified protective orders

E. Release authorizations

IV. Practitioner takeaways

Benefits

The panel will review these and other important issues:

What are the key factors for counsel to consider in evaluating a request for health information during the course of litigation?
What other laws in addition to HIPAA should counsel consider when determining how to handle litigation requests for health data?
What special conditions does HIPAA place on providers responding to a subpoena, court order, or discovery request for medical records?
What are key considerations for producing health information that does not qualify as PHI?
What are the best practices for counsel when drafting and implementing qualified protective orders in response to a request for health records?