Case Study: Alliances
As provider groups and hospitals across the country began to embrace the use of electronic health records, the OMW Digital Health Group helped a multi-specialty pediatric provider group better align itself with the local children’s hospital through a Stark/Anti-Kickback compliant EHR Donation Arrangement. The provider group needed an EHR system that would be interoperable with the system deployed by the hospital in order to better coordinate care for its young patients. In compliance with the Stark/Anti-Kickback rules, we crafted an arrangement whereby the hospital donated 85% of the cost of the EHR system in addition to software support and upgrades to the physician group.
Following the 2009 HITECH Act and the EHR Incentive Program, we provided meaningful use related legal guidance to the physician practice to allow them to attest to the Medicaid EHR Incentive Program AIU requirement beginning in 2011. We assisted by analyzing patient volume requirements and by providing on-call legal guidance to meet the meaningful use requirements. The physician practice has successfully attested to meaningful use through 2014, including meeting the Stage 2 requirements.

Case Study: Compliance
With the release of the HITECH Act and the Omnibus HIPAA Rule, Business Associates both large and small have sought legal advice on compliance with HIPAA obligations. One of our clients, a medical device company that stores PHI and provides customer support to its customers, asked us to provide a comprehensive HIPAA training. Overwhelmed with the number of Business Associate Agreements and the variety of legal requirements pushed down by covered entity customers, our client sought legal guidance related to both compliance with the HIPAA Security Rule requirements as well as discerning the actual legal requirements for Business Associate Agreements.
Most importantly however, our client needed assistance in providing HIPAA related training to its employees. Due to the focus on the new HIPAA rules the sales team needed education on how to address customer concerns about HIPAA compliance in order to gain trust from covered entity customers. We provided onsite HIPAA training to the customer service staff, software engineers, and sales team on HIPAA compliance and identifying customer compliance concerns. In addition, we strategized with our clients on how to design data flow between the covered entity and Business Associate to minimize HIPAA related risks.

Case Study: Digital Strategy
We get excited about working with startups and enjoy meeting with technology companies as they look to disrupt the healthcare market place. We help them to work within the confines of HIPAA rather than avoiding patient data altogether. Following a recent success in a local incubator, a software company approached the OMW Digital Health Group for guidance on how to design its data strategy.
On behalf of our client we identified the sources of the data and when such data was considered protected health information versus healthcare information provided directly by an individual. We created HIPAA authorizations, website terms and conditions and privacy policy, and negotiated Business Associate Agreements on the client’s behalf. Acknowledging that consumer trust was paramount to success we aided our client in developing and implementing robust HIPAA Security Policies and Procedures.
And now, as our client is about to pivot to its next great adventure in the healthcare ecosystem we are there to aid the client in negotiating its relationships with other technology companies and covered entities alike.

Our Clients



















Services
Alliances
- Accountable Care OrganizationsCounsel clients on the legal issues for forming or participating in ACOs, including choice of legal structure, risk-sharing models, health IT, and governance.
- Clinically Integrated NetworksGuide clients through the process of forming integration arrangements, helping organizations meet their goals of financial stewardship, quality improvement and regulatory compliance.
- Mergers and AcquisitionsDraft letters of intent and definitive agreements, conduct due diligence analysis, conduct environmental and regulatory compliance reviews, negotiate and document financing agreements, obtain regulatory approval, review tax issues and execute all other aspects of the acquisition or merger transaction.
- System AcquisitionReview and negotiate software license agreements and hardware procurement contracts with different software and hardware vendors, including many of the top vendors in the healthcare industry.
- EHR Donation ArrangementsGuide clients through requirements of the Stark/Anti-Kickback laws involving a hospital’s technology donation arrangement, associated repercussions of non-compliance, contracting options, and overall strategy.
Digital Strategy
- HIE ArrangementsCounsel clients on the legal issues surrounding HIE, from access and use agreements to the legal framework for funding HIE projects.
- Data Breach ResponseCounsel clients through the full life cycle of a breach incident. From the initial assessment of an incident, through the risk mitigation and notification phases and any related government investigations or enforcement actions, we advise clients on how to appropriately respond to such data breach scenarios under applicable state and federal law.
- Cyber Liability InsuranceCounsel clients on obtaining appropriate cyberliability insurance. Data privacy/breach policies can cover both the costs to the company in the event of a data breach such as business interruption and notification to affected parties as well as the cost of defense and indemnity in the event affected consumers or patients bring claims.
- Digital Health ContractingExperience with a broad range of licensing, outsourcing and other technology transactions on behalf of hospitals, physicians groups, health information networks, telemedicine organizations and technology companies. We work with our clients to address regulatory compliance with software or product modifications, enhancements and upgrades.
- HIPAA StrategyAdvise clients on how to structure businesses and relationships in order to comply with HIPAA requirements but enable interoperability, health information exchange, care coordination and data analytics.
- Data GovernanceProvide strategic guidance on the management, usability and security of PHI in order to enable clients to analyze and utilize data to drive better patient outcomes and develop software tools for the healthcare industry.
Compliance
- 21st Century Cures ActProvide strategic guidance to healthcare provider organizations and technology companies seeking to drive health system transformation.
- HITECH ActGuide both rural and urban providers on how they can use the HITECH Act funds to launch or augment their EHR efforts, maintain the confidentiality of patient information and use technology to enhance the quality of patient care.
- HIPAA Privacy and SecurityHelp clients avoid penalties under the Stark and Anti-Kickback statute, by assessing and forming arrangements that comply with current regulations, eg. EHR Donation Arrangements.
- Stark & Anti-Kickback LawsHelp clients avoid penalties under the Stark and Anti-Kickback statute, by assessing and forming arrangements that comply with current regulations, eg. EHR Donation Arrangements.
- Meaningful UseAssist hospitals and physicians achieve Meaningful Use in the Medicare and Medicaid EHR Incentive Programs, by assessing technology, guiding them through attestation of measures, and responding to Meaningful Use audits.
- FDARepresent companies in product liability litigation as well as providing clients risk management counseling on issues related FDA regulatory matters, product recalls and the emerging area of health IT.
- Behavioral HealthIdentify and advise clients on special state and federal rules governing the use and disclosure of behavioral health and substance abuse records. Assist clients in creating appropriate policies and procedures governing the protection of behavioral health and substance records, and the proper means to store and transmit such information in electronic health record systems and health information exchanges.
- TelemedicineHelp clients navigate array of federal and state legal issues associated with telemedicine, including credentialing and privileging rules, privacy and HIPAA concerns, and contracting for telemedicine services and technology.
- Business Associate AgreementsAnalyze and negotiate Business Associate Agreements for both covered entities and business associates.
Our Team











The purpose of our website is to inform our clients and friends about the firm and of recent legal developments in different areas of law. It is not intended nor should it be used as a substitute for specific legal advice or opinions since legal counsel may be given only in response to inquiries regarding particular situations. While we would like to hear from you, an attorney/client relationship cannot be established until we know that doing so will not create a conflict of interest and until we reach an agreement on terms of representation. Therefore, do not send us confidential information about any matter that may involve you at this time.