Health Care

Privacy & Data Security

Our attorneys are trusted privacy and information security advisors and advocates. We maintain strong relationships with local law enforcement officials and data breach response vendors to better serve clients by offering proactive advice and quick response in the critical time following a data breach. Whether you are a company needing help or a professional advisor seeking local assistance, we are ready to assist you with your compliance, incident response, or litigation needs.

We understand and solve complex problems for service professionals, manufacturers, and contractors, as well as state and federally regulated health care providers, health plans, financial institutions, and retailers.

Stites & Harbison will:

  • Educate and provide practical solutions to strengthen data security plans and improve policies.

  • Review and draft vendor contracts, business associate agreements, terms of use and privacy policies, or transactional agreements involving data security.

  • Advise and respond to government investigations, including HIPAA and HITECH audits and regulatory compliance requirements.

  • Provide immediate advice when a data breach occurs to comply with state and federal data breach laws, investigate, and formulate effective strategies to mitigate damages.

  • Defend litigation arising from alleged privacy and security data breaches.

Members and associates actively participate in major professional organizations, including:

Certified Information Privacy Professional
  • American Bar Association

  • American Health Lawyers Association

  • Defense Research Institute

  • Mortgage Bankers Association of America

  • International Association of Privacy Professionals

Stites & Harbison attorneys work on a variety of privacy and security matters. Notable assignments include:

  • Obtained summary judgment for defendant in putative class action asserting multiple claims arising from alleged data breach.

  • Investigated and advised an employer-sponsored health plan on breach reporting obligations following a cyber-attack involving malicious software.

  • Advised on a professional legal malpractice claim concerning a data breach.

  • Advised an online retail business in responding to and investigating a data breach, including working with various State’s Attorney General offices.

  • Assisted client in responding to Office for Civil Rights complaint investigations and desk audits arising from alleged HIPAA violations and data breach reports.

  • Worked with domestic financial institutions to recover client funds unlawfully transferred to foreign banks.

  • Advised client and collaborated with FBI and other law enforcement concerning theft of funds arising from multiple data breaches.

  • Advised employer in connection with employees’ confidential postings on social media.

  • Analyzed and identified HIPAA-regulated product offerings for a financial institution and worked with internal legal, compliance, and business teams in developing a comprehensive HIPAA compliance plan.

  • Represented a medical practice in a data breach investigation and notification to individuals following insider theft of social security numbers from patient medical records.

  • Performed an enterprise-wide data classification analysis for an organization regulated by numerous state and federal privacy laws; drafted vendor contract with requirements to safeguard information in compliance with applicable laws.

Main Contacts
See more related to Privacy & Data Security
Client Alerts

Taking Stock of Your 2019 Cybersecurity Resolutions

Did you decide that 2019 will be the year you tackle those cybersecurity threats to your organization that keep you up at night? It’s February, and a good time to take stock of whether your organization is following through on its cybersecurity goals. Some estimate that 80% of resolutions fail by the second week of February.

by Jennifer Henry Jackson and Sarah Cronan Spurlock February 08, 2019
Press Releases

Lawyer Monthly Names Stites & Harbison as Law Firm of the Year-USA for 2018 in Two Categories

LOUISVILLE, Ky.—Lawyer Monthly has selected attorneys Mike Risley and David Owsley as well as Stites & Harbison, PLLC as recipients of the “Legal Awards 2018.” Risley and the firm won in the category of Benefits and Pensions – Law Firm of the Year – USA; Owsley and the firm won in the category of Technology, Data Privacy – Law Firm of the Year – USA.

by Stites & Harbison, PLLC December 28, 2018
Press Releases

Stites & Harbison Recognized as Client Service Leader in BTI Client Service A-Team 2019

LOUISVILLE, Ky.—BTI Consulting Group recently selected Stites & Harbison, PLLC as a client service leader in the prestigious BTI Client Service A-Team 2019: The Survey of Law Firm Client Service Performance.

by Stites & Harbison, PLLC December 27, 2018
Events

MCM Financial Institutions Summit 2018

Date: 7/31/18

Buffalo Trace Distillery, 113 Great Buffalo Trace, Frankfort, KY 40601

The 2018 MCM Financial Institutions Summit will feature discussions with regional and national experts on the topics of risk management, bill payment, information technology, cybersecurity, and alternatives with insurance management.

Sarah Cronan Spurlock July 18, 2018
Press Releases

Chambers USA 2018 Honors Stites & Harbison

LOUISVILLE, Ky.—Chambers USA selected 18 Stites & Harbison, PLLC attorneys in Kentucky and Tennessee for inclusion in their 2018 guide. The Chambers USA guide ranks the top law firms and leading attorneys in the United...
by Stites & Harbison, PLLC May 08, 2018
Presentations

Cybersecurity and Best Practices for Lawyers

Presentation by Ian Ramsey to the Forum on Construction Law Annual Meeting in New Orleans with Special Agent Oakes.

by Ian T. Ramsey April 13, 2018