Karen Mandelbaum is a Senior Counsel in the Health Care and Life Sciences practice, in the Washington, DC, office of Epstein Becker Green. She has deep experience in all aspects of data privacy and protection due to her work as a privacy and security official at the Centers for Medicare & Medicaid Services (CMS), and in the private sector.
Ms. Mandelbaum:
- Advises clients on all aspects of federal and state privacy and consumer data protection laws and regulations, including, HIPAA, HITECH, and 42 CFR Part 2
- Helps design and develop effective data governance strategies that maximize value and encourage trust
- Advises on developing and implementing cybersecurity and privacy programs, designing information system security and privacy policies, implementing and operationalizing privacy and security controls, and designing metrics to monitor program compliance
- Assists with developing policies and procedures for security and privacy incident reporting and breach notification, responding to cyber incidents and data breaches, and mitigating the impact of data breaches
- Advises clients on provider reimbursements and Medicare, Medicaid, and Affordable Care Act programs and models
- Assists health care clients in fraud, waste, and abuse-related investigations and litigation
Before joining Epstein Becker Green, Ms. Mandelbaum served as the Senior Advisor for Security & Privacy Policy and Governance to the Chief Information Officer, Chief Information Security Officer, and Senior Official for Privacy in the Office of Information Technology at CMS, where she was responsible for developing and implementing an integrated approach to CMS’s cybersecurity and privacy program. She was previously a Privacy Policy Subject Matter Expert at the Center for Consumer Information & Insurance Oversight (CCIIO), responsible for defining the scope of privacy requirements and the privacy policy program for the health insurance exchanges and the Federally-Facilitated Marketplace. Earlier in her career, she served as General Counsel and the Privacy and Security Officer of a national health care technology company and then was an attorney at a law firm in Minnesota, where she acted as outside counsel for small and mid-sized business clients on all health care-related privacy and compliance matters.
Ms. Mandelbaum received the 2018 CMS Administrator’s Honor Award for Execution of Major Projects in appreciation of her contributions to the New Medicare Card Initiative. She also received the 2017 Administrator’s Honor Award for Organizational Excellence in recognition of her contributions to developing the Website Notices for Healthcare.gov and Medicare.gov as part of the Office of Communications Marketing and Privacy Team.
More Legal and Business Bylines From Karen Mandelbaum
- Advancing Interoperability and Improving Prior Authorization: No One Said It Would Be Easy! - (Posted On Tuesday, April 02, 2024)
- ONC’s “Information Blocking Enhancements” Under the HTI-1 Rule Are in Effect - (Posted On Monday, April 01, 2024)
- HHS Publishes Proposed “Disincentives Rule” to Prevent Information Blocking by Health Care Providers - (Posted On Saturday, December 09, 2023)
- The Guiding an Improved Dementia Experience (“GUIDE”) Model - (Posted On Monday, November 13, 2023)
- HHS Proposes Amendments to HIPAA that Protect Reproductive Health Care Information in Wake of Dobbs - (Posted On Monday, June 12, 2023)
- HHS Warns HIPAA Covered Entities and Business Associates That Use of Website Cookies, Pixels, and Other Tracking Technology May Violate HIPAA Rules - (Posted On Tuesday, December 27, 2022)
- HHS Warns HIPAA Covered Entities and Business Associates That Use of Website Cookies, Pixels and Other Tracking Technology May Violate HIPAA Rules - (Posted On Monday, December 05, 2022)
- Interoperability: A New Vision Through openEHR [PODCAST] - (Posted On Thursday, July 14, 2022)
- Interoperability and Its Impact on Payors - (Posted On Wednesday, June 23, 2021)
- Information Blocking – How Did I Become an “Actor”? - (Posted On Tuesday, June 22, 2021)