• Regularly advise health care clients regarding compliance with the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other state and federal legislation, including the Massachusetts Standards for the Protection of Personal Information.  Draft and update internal HIPAA and privacy policies and business associate agreements with outside vendors.
  • Regularly advise clients in responding to subpoenas, court orders, warrants and other requests for patient records.
  • Represented specialty medical practice with respect to a HIPAA breach involving more than 15,000 patients. Assisted with breach analysis, correction of conditions that caused the breach, and notice of breach sent to affected patients, local media outlets and Centers for Medicare & Medicaid Services, Office of Civil Rights.
  • Regularly counsel health care providers on the developing law concerning network-connected medical devices.
  • Assist clients in developing data security and incident response policies.