Robyn Sterling


Robyn Sterling is an Associate in the Health Care Department, resident in the Chicago office. Her practice focuses on transactional and regulatory health care matters.

Robyn’s experience in transactional matters includes representing hospitals, dental management companies and pharmaceutical, medical device and nutritional supplement companies, as well as private equity funds and other health care company investors in mergers, acquisitions and other complex health care transactions. In addition to transactional work, Robyn regularly advises clients on regulatory and compliance matters. She has particular experience with health information privacy and security, including the Health Insurance Portability and Accountability Act (HIPAA) and HITECH, state privacy laws, and fraud and abuse laws, as well as the promotion of pharmaceutical products and medical devices.

Prior to entering private practice, Robyn worked for the U.S. Department of Health and Human Services’ Office of the Inspector General, primarily in the areas of Food and Drug Administration and Medicare. She concentrated on identifying and deterring fraud, waste and abuse. Robyn’s research included methods to improve and increase oversight and regulation of clinical research as a whole. Her recommendations to the FDA were featured on the front page of The New York Times and in many other major news outlets. While pursuing a Master of Public Health degree, and before her work with the Office of the Inspector General, Robyn served as the Health Law and Bioethics Fellow at Boston University School of Public Health.

Robyn also serves as General Counsel to the Lake Tanganyika Floating Health Clinic, and serves on the Board of Directors for the Children’s Cause for Cancer Advocacy.


Articles By This Author

First Data Breach Settlement Under HITECH--$1.5 million

HHS reached a settlement on March 12, 2012 with Blue Cross Blue Shield of Tennessee (“BCBST”) for $1.5 million stemming from a 2009 data breach. This settlement represents the first under the HITECH Act. 


HHS Settlement for Lack of HIPAA Safeguards

On April 17, 2012, the United States Department of Health and Human Services Office for Civil Rights (“OCR”) reached a settlement with Phoenix Cardiac Surgery (“PSC”) for alleged violations of the HIPAA Privacy and Security Rules.


New York Court Finds Clinic Not Liable for Employee's Disclosure of PHI

A federal district court dismissed an action against an employer alleging vicarious liability for an employee’s dissemination of a patient’s protected health information (PHI) related to treatment for a sexually transmitted disease (STD). Specifically, the court found that the employer, a private New York medical clinic, was not vicariously liable for the actions of the employee because the employee was acting in a personal capacity which was beyond the scope of her employment.


First State Attorney General Action Under HITECH

On January 19, 2012, Minnesota Attorney General Lori Swanson exercised her authority under the HITECH Act by filing a lawsuit against a business associate for the failure to protect protected health information (PHI) and for the failure to disclose the extent to which PHI was utilized. The case alleges that Accretive Health, Inc., a debt collection agency, lost a laptop containing unencrypted PHI of approximately 23,500 Minnesota patients. This represents the first case brought by a state attorney general under HIPAA. 


Illinois Attorney General Issues Information Security and Security Breach Notification Guidance

The Illinois Personal Information Protection Act (PIPA) requires that any “data collector”, which includes businesses, universities, governmental agencies or any other entity that deals with personal information, notify Illinois residents in the event of a data security breach. Recently, the Office of Illinois Attorney General Lisa Madigan issued guidance that provides tools to assist entities in preventing, preparing for and responding to data security breaches. The guidance suggests that entities assess the amount of personal information on file, reduce the amount of personal information available within the entity, protect the information accordingly and train employees to properly manage the information. In order to respond quickly and efficiently to a data security breach, the guidance encourages entities to create and implement an incident response plan that includes the PIPA notice requirements.     


HIPAA Privacy and Security Audit Pilot Program Takes Flight

On November 8, 2011, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced details of its HIPAA Privacy and Security Audit Program pursuant to the American Recovery and Reinvestment Act of 2009, Section 13411 of the HITECH Act. The OCR pilot program calls for approximately 150 audits of covered entities, to commence in November 2011 and expected to conclude by December 2012. The audits are intended to address privacy and security compliance, and assist OCR in assessing and identifying best practices as well as risks and vulnerabilities for health care entities.


No Report; No Pay

On December 17, 2008, Wellpoint Companies terminated the employment of one of its enrollment and billing department managers for a failure to report a suspected violation of the company’s privacy policy for information protected under HIPAA, and on July 19, 2011, the Connecticut Court of Appeals released an opinion that supported the denial of unemployment benefits to that individual for failure to report.  

