The Privacy Mega Reg: Understanding and Implementing Substantial Changes
March 21, 2013
2:00 pm - 3:30 pm EST
The U.S. Department of Health & Human Services (HHS) issued four final rules, combined and commonly referred to as the “Mega Reg,” that address a number of aspects of patient privacy. The new rule will strengthen the privacy and security protection for individuals' health information in an ever expanding digital age. It will be effective March 26, but compliance with most of the provisions must be implemented by September 21.
Join us on March 21 for a webinar in which attorneys from the law firm of Crowell & Moring will dissect the changes made by the HHS, provide detailed analysis of the changes, as well as present experienced commentary and real-life implementation scenarios.
In this webinar, the speakers will cover:
- Evaluating the new requirements’ effects on existing business associate contracts
- The elimination of the Risk of Harm Standard and New Criteria for Evaluating Data Breaches
- Direct Liability of Business Associates and Subcontractors
- Strengthened Restrictions on Marketing and Sale of Information
- Expanded Individuals’ Rights to Access and Restrict Information
- Required Updates to Privacy Notices
- Understanding Enforcement
Earn credit toward the new Healthcare Compliance ProfessionalTM (HCP) designation.
Jeff Poston is a partner in the Washington, D.C. office of Crowell & Moring and is in the firm's Litigation Group. He is a trial attorney focused on complex commercial cases involving data protection, financial services, business tort, antitrust, and healthcare disputes.
Jeff has litigated and tried dozens of cases on behalf of corporate clients in a wide variety of industries. Most recently, he represented DuPont against monopolization counterclaims brought by Kolon Industries. In April 2012, on the eve of the trial, the Eastern District of Virginia granted summary judgment for DuPont and dismissed the claims with prejudice. This was the second major win in Crowell & Moring’s work for DuPont stemming from trade secrets litigation against Kolon. The first was a jury award of $919.9 million for DuPont for theft of trade secrets related to DuPont’s Kevlar® business and technology.
Jeff also has extensive experience in defending corporate clients against class actions and federal and state investigations alleging data security breaches. He has represented healthcare companies involved in some of the largest alleged data breach cases brought under the federal Hi-Tech Act and various state privacy, data security and unfair competition laws. Jeff has negotiated favorable settlements of these claims with state regulators and attorneys general. Recently, Jeff was part of a litigation team that obtained a dismissal of nine consolidated class actions in the Eastern District of California, alleging that a national healthcare company violated the California Medical Information Act ("CMIA") by disclosing the data of over one million members.
Barbara H. Ryland is a senior counsel in Crowell & Moring's Washington office. As a member of the Health Care Group, Ms. Ryland's experience lies in the areas of managed care business relationships and transactions; pharmacy benefit management; fraud and abuse compliance and investigations; confidentiality and privacy; and general business and regulatory issues in the health care industry. She has also represented clients in litigation matters involving contract disputes and antitrust issues.
Over the last several years, Ms. Ryland has represented health plans, pharmacy benefit managers, specialty pharmacies, health software vendors and other business organizations in the health care industry. She graduated from Duke University Law School in 1987, where she was an editor of Law & Contemporary Problems. She received her undergraduate degree in 1983 from the University of Virginia. Prior to her employment at Crowell & Moring, she clerked for the U.S. Court of Appeals for the Fourth Circuit, and was an associate in the tax and employee benefits practice at Miller & Chevalier Chrtd, and a principal at Michaels & Bonner, P.C.
Ms. Ryland is a member of the District of Columbia and Maryland bars. She has published articles and lectured on a variety of issues of concern to managed care organizations and healthcare providers including confidentiality of health care information, e-commerce issues in health care, antitrust and fraud and abuse. She is the co-author of A Guide to Health Care Financial Ventures and has recently edited an ABA treatise on health care joint ventures and antitrust law.
Robin Campbell is a counsel in Crowell & Moring's Health Care Group and a member of the firm's Privacy & Data Protection team. She specializes in the development and implementation of information management strategies for the handling of personal information, including employee, customer, and consumer information.
Robin focuses on the myriad state security breach notification statutes and the HITECH breach notification provisions, advising clients both on safeguard protocols and response plans in advance of a breach and notification procedures and best practices after a security breach. Robin has advised and defended clients against enforcement actions brought by state Attorneys General under state security breach notification laws and the new enforcement powers under HITECH, as well as enforcement actions and inquiries by other state and federal regulators stemming from security incidents. Robin also advises clients on a variety of U.S. state and federal laws falling within the privacy arena, such as COPPA, the Gramm-Leach-Bliley Act, the Fair Credit Reporting Act, the CAN-SPAM Act, and consumer data collection in the retail, financial, and other industries. She drafts and negotiates contractual agreements concerning the use of personal and protected health information, security and confidentiality, as well as the privacy and security components of more general contractual agreements. She is also well versed in the pitfalls of workplace privacy and employee monitoring and has worked with clients to develop responsible and manageable policies.
Prior to joining Crowell & Moring, Robin worked in Geneva, Switzerland as a special consultant to Hewlett Packard, Europe when the European Data Protection Directive was in the early stages of implementation. She worked with a cross-functional task force to develop a global compliance strategy under both the EU Directive and the upcoming Safe Harbor requirements. The task force acted as a European advisory body on the new privacy legislation, a central point of contact for all questions related to privacy and data protection, and it promoted a detailed policy framework within the company for handling personal data in its daily business.
Robin received her bachelor of arts cum laude from Angelo State University. She graduated from the University of Texas School of Law in 1990, and studied at the University of London where she specialized in international law. She is a member of the California and the District of Columbia bars.
The content presented in this webinar is solely attributable to the speaker and does not represent an endorsement by America's Health Insurance Plans (AHIP) of the accuracy of the information presented in the audio conference or any opinion expressed by the speaker.