August 14, 2020

Volume X, Number 227

Patricia C. Shea

Ms. Shea advises an array of health care providers, health care clearinghouses, health plans (including fully and self-insured employer-sponsored welfare benefit plans), medical equipment manufacturers and other entities operating in the health care space (such as application developers or new product manufacturers) regarding their compliance obligations, including federal, state, and international laws governing the privacy and security requirements related to collecting, using and disclosing data. Ms. Shea also advises entities in other sectors regarding data privacy and security requirements applicable to non-health related data.

Representative activities include:

  • Assisting clients in identifying the advantages and disadvantages of proposed strategic relationships, such as clinically integrated networks and organized health care arrangements, to assess how the relationships may affect the flow of data among the participants or impose additional requirements

  • Collaborating with application developers to ensure appropriate data safeguards are identified at the requirements definition stage of development and incorporated into the design of applications and preparing associated terms of service and privacy policies

  • Assisting health care providers in assessing licensure and other requirements for operating in the digital health space (e.g., telemedicine providers)

  • Examining existing practices and safeguards regarding data collection, usage and disclosure for compliance with applicable laws and developing and assisting in the implementation of documented policies and procedures and other safeguards for new market entrants

  • Training on compliance obligations

  • Assisting entities in internal investigations of potential noncompliance and remediating confirmed noncompliance

  • Responding to breaches and fulfilling associated notification obligations and responding to investigations and letters of inquiry from various regulatory agencies regarding compliance obligations and data breaches

  • Examining proposed relationships and compensation structure for compliance with applicable anti-kickback or referral prohibitions

  • Negotiating participation agreements with third-party payors for services to be provided by health care providers

Articles in the National Law Review database by Patricia C. Shea