Privacy and Security

• Advised California hospitals on Office for Civil Rights investigations regarding large breaches and ransomware, and on security risk assessments.
• Counseled California hospitals and national health care system on health information exchange participation strategy, developed participation agreements, and privacy/security policies and negotiated  agreements.
• Conducted numerous 50-state surveys for a national pharmacy company on state minor consent laws, state law restrictions on disclosure of sensitive information, pharmacy-specific privacy requirements and related issues.
• Assisted state hospital system to disaffiliate data systems and information, considering data ownership, contractual arrangements and compliance.
• Advised on Whole Person Care CalAIM data sharing arrangements and approaches, in compliance with California and federal law.

 
Regulatory Compliance

• Drafted and revised health plan Medicare/Medi-Cal compliance policies and developed and delivered Fraud, Waste, and Abuse and HIPAA training for a California health plan.
• Drafted and revised compliance policies, including hospital medical staff bylaws, hospital consent to treatment and credentialing/peer review.
• Drafted Institutional Review Board Policies for creation of new IRB, advised on clinical research agreements.
• Assisted in internal investigations on fraud and abuse issues.
• Advised counties and public hospitals on implementation of Medicaid Bridge to Reform Waiver programs.
• Advised on development and updates to hospital utilization review policies and procedures, and end of life directives and orders.
• Advised counties on issues related to jails and correctional health services and health care.
• Advised counties on mental health/substance use disorder legal issues. 

 
Reimbursement

• Counseled a health plan on litigation appealing Medi-Cal managed care rates, represented various counties in Medi-Cal administrative appeals of mental health administrative expenses, Federally Qualified Health Center payments and related issues.
• Assisted a public hospital association in development of claiming protocols for low income health program, including administrative claiming protocol.
• Advised clients on medical necessity determinations in appeals of overpayment charges from Office of Inspector General, Centers for Medicare and Medicare Services, or Department of Health Care Services.
• Advised hospitals and physician groups on specific coding and billing issues, in particular billing for substance abuse and mental health services.
• Develop protocol for Medicaid State Plan for IT, including reimbursement for electronic health record implementation, advise on hospitals on EHR audits and appeals.
• Advised clients on medical necessity issues, including special considerations for homeless persons and other special populations.

 
Digital Health

• Counseled emerging medical device and telemedicine companies on health care regulatory strategy; provided oversight of intellectual property, general, and corporate matters.
• Developed privacy statements, consents and consulted on data security and data sharing arrangements.
• Provide analysis of fraud and abuse and corporate practice of medicine issues.
• Negotiated supplier, clinical research and other agreements.

Authored Articles & Publications Jun 29, 2021

Ransomware Prevention and Response Tips for Public Agencies

As Cities, Utilities and Others Increasingly Become Targeted, Privacy & Cybersecurity Partner Leeann Habte Gives Guidance in PublicCEO

Authored Articles & Publications Jun 24, 2021

Best in Law: Ransomware Attack

Privacy & Cybersecurity Attorneys Glen Price and Leeann Habte Give Ransomware Tips for Businesses

Legal Alerts Jul 14, 2020

CCPA Enforcement Begins as AG Proposes Rules

Final Regulations to Help Businesses Comply with California Consumer Privacy Act; Ballot Measure Could Expand Privacy Protections

Legal Alerts Aug 13, 2018

Public Agencies and GDPR Compliance

Government Entities Should Evaluate Data Collection and Use Practices

Legal Alerts Jan 24, 2017

Final Rule Issued on Confidentiality of Substance Use Disorder Patient Records

Trump Rule Freeze May Put it on Hold

• “Transitioning of Behavioral Health Data Sharing and Information Exchange: A Structured Approach to Decision Making,” Information Briefing, AHLA, April 2021
• "Health Data Defense: Understanding Security Standards and Certifications," AHLA Connections, Oct. 2021
• "Convener on Artificial Intelligence and Health Law: Designing a Trusted Framework for the Application of AI in Health Care," American Health Lawyers Association, Nov. 2020
• “Transitioning of Behavioral Health Data Sharing and Information Exchange: A Structured Approach to Decision Making” AHLA Briefing, April 2021
• "Artificial Intelligence in Health Care: Welcome to the Machine,"  AHLA Connections, June 2018
• “Federal and State Data Privacy Laws and Their Implications for the Creation and Use of Health Information Databases,” Big Data: A Business and Legal Guide, CRC Press, 2015
• “What is the Meaning of Meaningful Use? How to Decode the Opportunities and Risks in Health Information Technology,” Business Law News, July 13, 2015
• “The Big Data Dilemma: Compliance for the Health Professional in an Increasingly Data-Driven World,” Journal of Healthcare Compliance, June 2015
• “Deconstructing Cyberinsurance Coverage: Lessons From the Travelers Case,” AHLA HIT Practice Group E-alert, June 15, 2015
• “Medicare Penalties and Bonuses for Meaningful Use of EHRs Revamped as Part of the ‘Doc Fix’ Bill,” AHLA HIT Practice Group E-alert, June 8, 2015
• “Privacy Laws Impose Key Restrictions,” Executive Insight, April 20, 2015
• “Tapping Into the Big Value of Health Care Big Data,” Foley White Paper, Feb. 27, 2015
• “OIG 2015 Work Plan, Part 2: Do Fewer Projects Mean a Sharper Focus?” Compliance Today, Feb. 2, 2015.
• “Genetic Information Privacy: A Complex Regulatory Framework,” Bloomberg BNA: Medical Research Law & Policy Report, Jan. 7, 2015
• “Federal and State Privacy Laws: Strategies for Analysis of Big Data in Healthcare,” Healthcare Informatics, Dec.5, 2014
• “Privacy Issues in the Sharing of Genetic Information,” Foley White Paper, Sept.18, 2014
• “A Proactive Approach to Cloud Computing in the Health Care Industry,” AHLA Connections, June 1, 2013
• “Minnesota AG Reaches First Settlement With Business Associate Under HITECH Act,” Bloomberg BNA's Health IT Law & Industry Report, Aug. 20, 2012
• “HHS Imposes First Civil Penalty and Resolution Agreement Resulting from HITECH Breach Notification Rule,” Managed Care Outlook, April 15, 2012
• “DMEPOS Supplier Marketing Arrangements and HIPAA Compliance,” Compliance Today, Sept. 1, 2011

BB&K In the News Sep 06, 2022

BB&K’s Leeann Habte Featured on AHLA Podcast

“Health Data Defense” Episode Discusses Security Standards and Certifications

Press Releases Aug 18, 2022

38 BB&K Attorneys Recognized by Best Lawyers for 2023

Three Attorneys Awarded a “Lawyer of the Year” Designation

Press Releases Nov 11, 2021

BB&K Partner Leeann Habte Recognized As Daily Journal Top Health Care Lawyer

Publication Annually Recognizes Leading Health Care Attorneys

Client Successes Oct 28, 2021

BB&K Earns Favorable Ruling on Behalf of Pro Bono Foster Care Client

Leeann Habte and Ryan Guiboa Represent Client in Supplemental Income Hearing

Event Sep 22, 2021

Rising Threats in Cybersecurity, the Government Start-Up, Out-of-the-Box Decision-Making and More

League of California Cities 2021 Annual Conference

Press Releases Aug 19, 2021

32 BB&K Attorneys Recognized on The Best Lawyers in America List for 2022

3 Named “Lawyer of the Year” and 4 Included on “Ones to Watch” List

Authored Articles & Publications Jun 29, 2021

Ransomware Prevention and Response Tips for Public Agencies

As Cities, Utilities and Others Increasingly Become Targeted, Privacy & Cybersecurity Partner Leeann Habte Gives Guidance in PublicCEO

Authored Articles & Publications Jun 24, 2021

Best in Law: Ransomware Attack

Privacy & Cybersecurity Attorneys Glen Price and Leeann Habte Give Ransomware Tips for Businesses

Press Releases Mar 31, 2021

Partner Leeann Habte Named a Woman of Influence: Health Care

Los Angeles Business Journal Recognizes Those Who Contribute to the Community’s Health in Extraordinary Ways

Press Releases Jan 04, 2021

New Partner, Leaders and Diversity Committee

BB&K Announces Changes for 2021

Press Releases Aug 20, 2020

36 BB&K Attorneys Recognized on The Best Lawyers in America List for 2021

Three Named “Lawyers of the Year” and One Included on “Ones to Watch” List

Legal Alerts Jul 14, 2020

CCPA Enforcement Begins as AG Proposes Rules

Final Regulations to Help Businesses Comply with California Consumer Privacy Act; Ballot Measure Could Expand Privacy Protections

BB&K In the News Jul 02, 2019

Alexa, What are My Cholesterol Levels?

BB&K Partner Leeann Habte Discusses Voice Assistants and HIPAA with HealthTech

Legal Alerts Aug 13, 2018

Public Agencies and GDPR Compliance

Government Entities Should Evaluate Data Collection and Use Practices

Legal Alerts Jan 24, 2017

Final Rule Issued on Confidentiality of Substance Use Disorder Patient Records

Trump Rule Freeze May Put it on Hold

Press Releases Dec 22, 2016

Health Care Legal Veteran Leeann Habte Joins BB&K

Habte Joins the Firm’s Los Angeles Office

Presentations

• "Addressing Cybersecurity Risks: Best Practices to Keep Your Special District Secure," Webinar, California Special Districts Association, Oct. 6, 2022
• "Exploring Data Breaches: What State, Local, and Private Institutions can do to Protect Themselves and the Public," California State Senate Select Committee on Cybersecurity and Identity Theft Prevention, Nov. 8, 2021
• "Addressing Cybersecurity Risks: Best Practices to Keep Your Special District Secure," Webinar, California Special Districts Association, May 25, 2021
• "Designing a Trusted Framework for the Application of AI in Health Care," AHLA’s Convener on Artificial Intelligence and Health Law, Nov. 2, 2020
• "What COVID-19 and Other Changes Mean for Your Privacy Impact Analysis," Health Care Compliance Association, May 29, 2020
• "COVID-19 and the Mainstreaming of Telehealth," COVID-19 and the Mainstreaming of Telehealth, Los Angeles County Bar Association Healthcare Law Section, June 2, 2020
• "Artificial Intelligence in Health Care: Welcome to the Machine," American Health Lawyers Association AI and Health Law Convener, March 5, 2020
• "Health Care Artificial Intelligence: Law, Regulation, and Policy," The Stanford Center for Continuing Medical Education Conference, Nov. 8, 2019
• "Legal Panel: Cybersecurity, Artificial Intelligence, and Medical Devices," Artificial Intelligence in Healthcare Presentation, Maurice A. Deane School of Law at Hofstra University, April 4, 2019
• "Behavioral Health Privacy Compliance in a Changing Health Care Environment," Health Care Compliance Association Orange County Regional Compliance Conference, June 15, 2018
• "When Ransomware Attacks — Dancing with the Devil," American Health Lawyers Association’s Physicians and Hospitals Law Institute, Feb. 6, 2018
• "Insurance Considerations, Privacy and Cybersecurity," The Seminar Group Legal and Policy Considerations of Automated Vehicles: Balancing Innovation and Regulation Event, Sep. 15, 2017
• “In the Trenches: OCR Audits, Data Breaches, and Cybersecurity Threats & Mitigations,” Southern California Health Care Compliance Association Conference, June 16, 2017
• Strategies for Managing Business Associate Relations,” Southern California Health Care Compliance Association Conference, June 17, 2016
• “How to Navigate Proposed Changes to Substance Abuse Confidentiality Regulations,” Foley Web Conf., March 29, 2016
• “Best Practices in HIPAA Security Risk Analysis,” Health Information and Management Systems Society Privacy and Security Forum, Dec. 2, 2015
• “EHR Technology: Where Meaningful Use, Compliance, and Clinical IT Intersect,” Foley Compliance Immersion Program, Nov. 18, 2015
• “Telehealth Data Privacy and Security: Strategies and Solutions for Providers,” Foley Web Conf., Sept.16, 2015
• “HIPAA and Beyond: Compliance with Federal and State Privacy Laws,” Health Care Compliance Association Southern California Regional Conf., June 19, 2015
• “How Digital Health will Enable BioPharma to be More Patient-Centered,” CalBIO Conf., March 3, 2015
• “Data Breach Prevention and Response – Managing the Risk,” Foley Web Conf., Oct. 7, 2014
• “Protecting Patient Rights in Your ASC: What’s New in Compliance with Privacy Laws,” Ambulatory Surgical Centers Association National Conf., April 19, 2013
• “Preparing to Comply With the HITECH Final Rule,” Foley Web Conf., March 19, 2013
• “Health Care Data in the Cloud: Strategies for Contracting With Cloud Providers,” Foley Web Conf., Jan. 16, 2013
• “Cloud Computing in Healthcare: HIPAA and State Law Challenges,” Foley Web Conf., June 7, 2012
• “Privacy and Security in the HITECH Era,” Foley Web Conf., Dec. 16, 2011