Advising on compliance with HIPAA, including policies and procedures, data disclosure and exchange, notices, negotiation of business associate agreements, and other HIPAA matters
Assisting clients with data breach/security incident response and management, including risk assessment, individual and government notification obligations, management of relationships with insurers and forensic consultants, and assisting with client communications
Advising on compliance with 42 C.F.R Part 2 (Confidentiality of Substance Use Disorder Patient Records) use of overseas vendors, and the E.U. General Data Protection Regulation (GDPR)
Advising on compliance with state law, including the California Consumer Privacy Act (CCPA), state breach notification laws, and other state-specific laws and regulations
Negotiation and vetting of data-intensive arrangements with key vendors, including electronic medical record (EMR), hosting, data recovery, and telemedicine platform vendors
Creation and negotiation of client contracts, including software, revenue cycle management, practice management, EMR, and hosting arrangements
Advising on telemedicine practice and arrangements, including practitioner licensing, state-specific informed consent and patient encounter format issues, HIPAA, prescribing, reimbursement, and other telemedicine-specific regulatory issues and considerations
Assisting startups with health care specific regulatory issues and strategies
Advising clients on research-related data privacy issues and intellectual property protection
Guiding clients on protecting their intellectual property in contract negotiation, relationships with independent contractors, and in securing patents and other federal or state-specific intellectual property protection