Overview

Foley Hoag’s Health Information Privacy & Data Security Practice advises companies, organizations, nonprofits and state agencies whose cutting-edge work is covered by or pushing the limits of HIPAA. We also understand how at-home DNA testing kits, fitness trackers and wearable devices and apps that monitor and assess your health are collecting and sharing health information not covered under HIPAA.

Our attorneys know the intricacies of this highly specialized subset of privacy and healthcare law. We regularly assist clients in establishing privacy and security policies, written information security plans, and incident response plans, and provide related training. We also advise clients on incident evaluation, data breach response procedures, and strategic planning to effectively navigate potential breaches, and related government investigations and litigation. All of these tasks can help you company safeguard its assets and execute remediation strategies in the event of compromised health information.

As digital health continues to evolve and companies look to protect voluminous amounts of sensitive data, Foley Hoag’s multi-disciplinary team is expertly positioned to help clients utilize and share that data, while complying with the myriad laws in this space (HIPAA, GDPR, CCPA and more); we do so while also seeking to mitigate risk and protect patient privacy and data security.