Paul R. Hales

Attorney at Law, St. Louis, Missouri,

Paul R. Hales, J.D. is widely recognized for his expert knowledge and ability to explain the HIPAA Rules clearly in plain language. Paul is an attorney licensed to practice before the Supreme Court of the United States and a graduate of Columbia University Law School with an international practice in HIPAA privacy and security. He is the author of all content in The HIPAA E-Tool®, an Internet-based, complete HIPAA compliance solution with separate editions for Covered Entities, Business Associates, Health Plans and Third Party Administrators.

Upcoming Webinars
Recorded Webinars

Sep

2025

RFK, Jr., and HHS - HIPAA Compliance Strategies

Robert F. Kennedy Jr., Secretary of the Department of Health and Human Services (HHS), has implemented significant changes to HHS, with more expected. Substantial modifications to the HIPAA Security Rule created during the previous administration are pending, and Secretary Kennedy is responsible for their final form. In June 2025, a federal court order declared the 2024 HIPAA privacy safeguards for reproductive health information unlawful and halted their nationwide enforcement.

Time: 10:00 AM PDT | 01:00 PM EDT,
Duration: 90 Minutes
Price: ¤149.00
View Details

Sep

2025

HIPAA Reproductive Health Privacy Safeguards Halted Nationwide

On June 18, 2025, a court order invalidated the HIPAA regulations regarding Reproductive Health for HIPAA Regulated Entities (Health Care Providers, Plans, Clearinghouses and Business Associates) that had been mandatory since December 23, 2024.

Time: 10:00 AM PDT | 01:00 PM EDT,
Duration: 60 Minutes
Price: ¤149.00
View Details

Sep

2025

Avoid HIPAA Violations - Websites, Social Media, Tracking Tech, Patient Reviews

Healthcare is a profession and also a highly competitive business.

Time: 10:00 AM PDT | 01:00 PM EDT,
Duration: 90 Minutes
Price: ¤149.00
View Details

Sep

2025

Email & Texting PHI - HIPAA, TCPA, and CMS Compliance

Health Care Providers, Health Plans and Business Associates only need to follow a simple "3-Step Safeguard" for emails and text messages to avoid violating HIPAA, administered by the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS), and text message violations of the TCPA (Telephone Consumer Protection Act), administered by the Federal Communications Commission (FCC).

Time: 10:00 AM PDT | 01:00 PM EDT,
Duration: 90 Minutes
Price: ¤149.00
View Details

View All

NIST/OCR–HIPAA Risk Analysis & Risk Management Explained Step-by-Step

Risk Analysis and Risk Management (RA-RM) are OCR’s top enforcement priority and the basis of every HIPAA Compliance program. RA-RM steps are easy to follow - if you know the steps. But the HIPAA Rules do not lay out specific RA-RM steps. According to OCR the HIPAA RA-RM steps are easy to find. They simply are certain procedures explained by the National Institute of Standards and Technology (NIST) in manuals that are free to download.

Paul R. Hales
Recorded
Duration: 90 Minutes
Price: ¤199.00
View Details

New HIPAA Encryption Rules for Email & Text Message and Mandatory Exception for Patients

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales
Recorded
Duration: 90 Minutes
Price: ¤199.00
View Details

New HIPAA Rules for Text Messaging & Email

Regular (unencrypted) Email and Text Messaging containing Protected Health Information (PHI) are effective engagement and communication tools that patients like and have the right to use.

Paul R. Hales
Recorded
Duration: 90 Minutes
Price: ¤199.00
View Details

HHS Mandatory Email & Text Message Encryption Rules with Only One Exception for Informed Patients

HHS and CMS have confirmed the requirement that all Emails and Text Messages containing Protected Health Information (PHI) must be encrypted.

Paul R. Hales
Recorded
Duration: 90 Minutes
Price: ¤199.00
View Details

View All