-
Internet of Things
Innovators are developing interconnected devices and software linked across the Internet of Things to produce a tsunami of health data that must be responsibly and efficiently stored, transmitted, processed, interpreted and protected. This activity is subject to evolving state, federal and international laws; private contracts; professional obligations; and ethical limitations. -
Privacy/cybersecurity
Privacy and security have emerged as essential elements of any Big Data initiative. And regulators have made clear that advanced analytics can occur only with ever-increasing attention to the ways that health information can be misappropriated or misused.
Experience
-
Negotiate data-sharing agreements among collaborators in life sciences research projects.
-
Advise covered entities and business associates on Health Insurance Portability and Accountability Act (HIPAA) privacy, security and breach notification compliance requirements.
-
Guided a large pharmaceutical manufacturer through its implementation of Medicare Secondary Payer reporting.
-
Implemented internal guidelines for a pharmaceutical company to track and report payments to physicians and teaching hospitals under the Open Payments provisions of the Physician Payment Sunshine Act.
-
Advised a provider of a direct-to-consumer personal health record solution on the regulatory considerations affecting such entities that operate outside of the HIPAA regulatory regime.
-
Advised a state-sponsored operator of a health information exchange on its federal Department of Health and Human Services grant funding agreement and related compliance requirements.
-
Advise biotech clients on the licensing of data and technology from federal agencies such as the Centers for Medicare and Medicaid Services and the National Institutes of Health.
-
Advise software developers operating as business associates on the contractual, intellectual property and regulatory considerations involved in conducting data aggregation and de-identifying and using health information for secondary purposes.
-
Advised on the patent eligibility of algorithms, software and methods of analysis relating to genetic data.
-
For software startups in the healthcare sector, developed standards for ensuring that HIPAA-covered information is secured, while ensuring that information is de-identified in accordance with HIPAA standards.
-
For a clinical research sponsor, negotiated a clinical trial agreement that protects the sponsors' rights to receive and use clinical data within the scope of the institutional review board–approved informed consent.
-
For pharmaceutical companies, advised on foreign and domestic privacy and data protection issues in the context of document production in patent litigation.
-
For a large account servicing organization, conducted regulatory due diligence review in the acquisition of a health claims processing company.
-
For a nonprofit healthcare provider, investigated and coordinated the remediation, individual notification and regulatory reporting stemming from a loss of computer media containing unsecured health data.
