Ever-increasing federal and state regulations, as well as enforcement activity governing electronic recordkeeping and disclosure, require constant privacy and security management.

Groom attorneys work with insurance companies, managed care organizations, plans, and numerous trade associations, to identify areas of risk and related solutions to ensure compliance with all applicable laws, including state privacy rules, HIPAA, and HITECH. Additionally, our attorneys have a wealth of experience helping clients with crisis management in the event of unintended disclosure of protected health information – including determining whether notice to affected parties or regulators is required, as well as the development and implementation of breach notice strategies and related communications.

From drafting and updating policies and procedures to risk management to establishing or contracting with service providers to provide electronic health records to plan participants, Groom attorneys provide hands-on support for all of our clients’ needs.


  • Crisis Management
  • Data Sharing Agreements
  • Health Cybersecurity
  • Nondisclosure Agreements
  • Privacy Notices and Reporting
  • Risk Management
  • State Privacy Laws