California Healthcare News
Articles, Jobs and Consultants for the Healthcare Professional
Richard S. Cooper. Esq., Member, McDonald Hopkins LLC

Data Privacy and Cybersecurity - What Every Hospital Should Do

By Richard S. Cooper, Esq.
McDonald Hopkins LLC

See all this Month's Articles

Original Publish Date: February 9, 2016


Every hospital should undertake a comprehensive review of the effectiveness and legal adequacy of their current data privacy and cybersecurity plan. This plan should encompass HIPAA protections and should also extend to any data required to be protected under federal or state law. Ensuring the protection of Protected Health Information (“PHI”) under HIPAA, although critical to any data privacy and cybersecurity plan, is not alone sufficient. Other data, such as patient financial information and credit card information (Personally Identifiable Information (PII)), must also be protected.

A review would include at a minimum:


In addition, every hospital should have policies covering the following:

Training and Education

Hospitals should also assure proper training and education for personnel and medical staff in the following areas:

Hospitals should also strongly consider training and educational programs for applicable personnel on the following:


Finally, all hospitals should be certain that key agreements are consistent with and further the successful implementation of data privacy and cybersecurity policies and procedures including, but not limited to, the following:

Richard S. Cooper, Esq., is a Member of the McDonald Hopkins LLC law firm. He is also the Manager of its National Healthcare Practice Group and Co-chair of its Healthcare Restructuring Practice Group

Mr. Cooper provides legal representation to a broad range of hospitals, other healthcare facilities and physician groups across the United States. He has been listed in The Best Lawyers in America for health law for twenty-two consecutive years and selected for inclusion in Ohio Super Lawyers (2005-2015).

Visit the McDonald Hopkins LLC web site at