ERISA Group Health Plans: Complying With Complex HHS Regulations and Leveraging New Guidance

Structuring Privacy Policies, Security Breach Notifications, Business Associate Agreements, and More

Recording of a 90-minute premium CLE webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Tuesday, May 6, 2014

Recorded event now available

or call 1-800-926-7926
Course Materials

This CLE course will prepare ERISA counsel to comply with the confusing and complex HIPAA regulations for group health plans. Our experienced panelists will provide best practices in implementing required changes to privacy policies, security breach notifications, business associate agreements, and more.


Since HHS issued the final HIPAA Omnibus rule in 2013, it has issued a series of supplemental guidance creating more work for group health plan sponsors and employers—some as recently as Feb. 14.

As a result of HHS’ regulatory framework and applicability, this area of the law is fraught with confusion and uncertainty for counsel to ERISA-covered health plans. Given HIPAA’s broad applicability, ERISA counsel must be proficient in implementing policies for clients’ group health plans to comply with its regulations.

The Office for Civil Rights is ramping up audits, enforcement and penalties for violations, so ERISA counsel must prepare now to advise clients on the expedited implementation of the new requirements. 

Listen as our authoritative panel reviews the regulations promulgated by HHS and the follow up supplemental guidance. Our panel of ERISA and health attorneys will provide best practices in regards to security breach notification standards, privacy practices, drafting business associate agreements, and provide an analysis of the plan sponsor/group health plan distinction.



  1. Final privacy rule
    1. Privacy requirements and policies
    2. Notice of privacy practices
    3. Supplemental guidance
  2. Final security and breach rules
    1. Security requirements and policies
    2. Breach requirements and notifications
    3. Supplement guidance
  3. Business associate requirements
    1. Drafting requirements for business associate agreements
  4. Distinctions between employer, plan sponsor, and group health plan


The panel will review these and other key questions:

  • How are group health plans affected by the recent HIPAA regulations?
  • What additional steps must be taken based on the series of supplemental guidance issued after the final omnibus rule?
  • How must you draft business associate agreements in order to comply with the HIPAA regulations?
  • What is the distinction between the plan sponsor and the group health plan? How does this distinction impact the applicability of the HIPAA regulations?

Following the speaker presentations, you'll have an opportunity to get answers to your specific questions during the interactive Q&A.


Blaney, Ryan
Ryan P. Blaney

Cozen O’Connor

Mr. Blaney's practice focuses on representing clients in the healthcare and life sciences industries in a wide...  |  Read More

Downs, Tiffany
Tiffany D. Downs


Ms. Downs advises and assists plan administrators and fiduciaries with the design, drafting and administration of...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Audio