The Business Law Section at the Philadelphia Bar Association

A health care transactional and regulatory lawyer, Brad Rostolsky is an attorney at the Reed Smith law firm in Philadelphia, Pennsylvania where he leads the group's HIPAA and Health Privacy and Security practice. Brad Rostolsky is also involved in the Philadelphia Bar association and is Co-chair of the Health Law Committee.

The Philadelphia Bar was founded in 1802, making it the oldest professional association of attorneys in the United States. The association provides legal advice on complex issues and also provides a forum for professional growth and networking.

One of the oldest sections of the Philadelphia Bar is the Business Law Section, which encompasses the Health Law Committee that Mr. Rostolsky co-chairs. The section seeks to provide networking and continued education for business lawyers and also communicates relevant industry information to members for use in their practices. In addition to the Heath Law Committee, other examples of committees under the Business Law Section include cyber law, bankruptcy law, and insurance law.                            

How HIPAA Affects the Handling of Medical Information

A native of Ambler, Pennsylvania, Brad Rostolsky is a partner at Philadelphia office of Reed Smith. At work, Brad Rostolsky deals with various legal issues affecting the health care industry, including those involving health care privacy.

There are numerous laws that govern how health care entities treat medical information. These laws operate in order to facilitate smoother information flow between members of the healthcare team in balance with the need to keep patient level information private and secure.

One such federal law is the Health Insurance Portability and Accountability Act (HIPAA), which is regarded as the baseline federal legislation that regulates health care information. There are various ways that the HIPAA protects medical information. Among them, it creates a system which controls how certain health information is being disclosed. In relation to this, it establishes the rights of individuals pertaining to their health information.

Additionally, it institutes security standards for regulated entities when they manage or transmit electronic patient information. It must be noted, however, that HIPAA only affects defined regulated entities, which includes health care providers, health care insurers, health care clearinghouses, and vendors to any of the aforementioned types of entities that need to use protected health information to provide their services. Information used by entities not regulated under HIPAA does not implicate the various privacy and security protections afforded under HIPAA.