MINNESOTA HEALTHCARE ATTORNEY

Healthcare organizations, as repositories of highly sensitive patient data, are at high risk for catastrophic privacy breaches.  In addition, healthcare organizations are also at the forefront of medical and health-related innovation making them a prime target for cyber-attacks. The risks and costs associated with healthcare privacy and data security breaches are too high, and the confidential, personal health data of millions are at risk. This makes data security healthcare’s biggest concern today and makes it clear that innovative approaches to meeting the legal challenges associated with privacy and data security are of the utmost importance.

At Innova Law Group, I merge my years of experience working with healthcare organizations of all sizes with my passion for privacy and data security.

SERVICES FOR HEALTHCARE ORGANIZATIONS

As external counsel, I work very closely with my healthcare clients to:

• Advise clients on the development of best practices for the collection, maintenance, and sharing of high-risk data as well as risk mitigation to help avoid breaches and cyber intrusions.

• Use my in-depth knowledge of Electronic Health Record (EHR) systems to assist my clients to understand and mitigate the specific risks when using these required systems.

• Assist my clients to comply with the constantly evolving, industry-specific privacy and data protection regulatory requirements.

• Provides guidance regarding privacy and data protection implications associated with the deployment of mobile communication and data storage technologies, mobile applications, and location-based services.

• Assist clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, and social media policies, practices and procedures.

• Partner with clients’ internal resources to perform gap analysis and risk assessments of data loss prevention and compliance programs including development of travel policies, discovery protocols and technology deployment.

• Provide guidance and oversight of internal investigations including patient threat, drug diversion, embezzlement, employee misconduct and misuse of intellectual property.

• Guidance into investigation and implications of unauthorized access, use or disclosure of personally identifiable and health information and in reviewing the unauthorized transfer of data from companies by internal and external actors.

• Advise clients on a wide range of privacy and security issues under HIPAA (including the Privacy Rule, Security Rule, and Breach Notification), HITECH, state privacy laws and applicable international privacy laws, such as the EU General Data Protection Regulation (GDPR).