HIPAA Compliance

Compliance with the HIPAA regulations is not a discrete task, but rather an ongoing process.  Many organizations, however, understandably struggle to remain current with changes in the law and changes in their organization.  As a result, many organizations have one, if not many, compliance threats—a vulnerability that may trigger a government investigation and resulting liability.   

The U.S. Department of Health & Human Services continues to investigate complaints and audit HIPAA covered entities and business associates.  In the last two decades, the government has received and resolved over 200,000 complaints and a majority of its HIPAA investigations every year have resulted in corrective action against the entity or business associate.1  A list of the hundreds of current active investigations is available on the website for the Office for Civil Rights.2 

HIPAA not only requires that covered health care providers and their business associates implement compliant policies and procedures, but also requires that they undertake an ongoing process of ensuring that protected health information is protected from new threats, changes in business practices, and changes in facilities and organization, among other things.  


If you do not regularly undertake an analysis of your organization’s HIPAA policies and related practices, and how they are affected by changes to your organization, updates may be necessary to bring your organization back into compliance.



The P&F Solution 

It is common for organizations to have gaps in their compliance—topics that were never adequately covered by compliance policies and procedures, or topics that, through time and change, have become sources of risk and noncompliance.   


The attorneys at Pullano & Farrow have decades of experience preparing HIPAA compliant policies and procedures and reviewing existing policies and practices for necessary changes.  Our attorneys will efficiently and thoroughly review your current policies, procedures, and practices and provide you with a detailed summary of areas where improvement is needed, guide you in how to implement those improvements, and provide you with any written policies and procedures your organization needs to bring it into compliance.   

Download "HIPAA Gap Analysis Tool: Getting Started"
To assist you in getting started with your review, please feel free to use and share this review tool.


Subscribe to our e-newsletter to receive legal briefings, news, and event invitations, delivered right to your mailbox.

PHONE  585.730.4773

FAX 888.971.3736


69 Cascade Drive Suite 307

Rochester, New York 14614


Monday - Friday: 8am - 5pm

Saturday - Sunday: Closed


Corporate | Health Care | Trusts & Estates

Labor & Employment | Litigation | Real Estate

Personal Injury & Wrongful Death


Agribusiness | Small Business & Entrepreneurship

Hospitality | Not-for-Profits 

Sports & Entertainment Education & Child Care

Construction & Land Development 

Serving clients  throughout the Finger Lakes region and across New York State, including Rochester, Buffalo, Syracuse, Utica, Rome, Oneida, Binghamton, Elmira, Watertown, Niagara, Jamestown, Oswego, Cayuga, Oneonta, Schenectady, and Albany.

© 2013-2021  Law Offices of Pullano & Farrow PLLC. Legal Disclaimer.   Statement of Client Rights & Responsibilities

Attorney Advertising. All rights reserved.