Skip to main content

Healthcare Privacy and Data Security

We routinely help our clients address privacy, cybersecurity and electronic transaction issues, including under the US Health Insurance Portability and Accountability Act (HIPAA). These clients include both HIPAA-covered entities (health care providers and health plans) and HIPAA business associates (such as information technology firms and other service providers), as well as others indirectly affected by the privacy-related legal requirements. We also have extensive experience advising clients under the General Data Protection Regulation (GDPR). Our work includes counseling on emerging risks relating to genetic privacy and transfers of data in large, global clinical trials.

  • Breadth of Knowledge: We have extensive experience assisting clients in sensitive and complex privacy matters ranging from novel digital health solutions requiring transfer of patient data to government investigations of privacy breaches and subject data issues in global clinical trials.

  • Stepping into the Breach: We work with clients in the event of data security breaches, assisting them on each step of the process of responding to, mitigating and attempting to allocate responsibility for the occurrence and consequences of those breaches.

  • International Capabilities: We advise on privacy and data protection matters for life science and medical device companies around the world, as well as coordinate investigation and enforcement matters globally.