Cloud Computing in Healthcare: Mitigating Privacy Risks and Negotiating Business Associate Agreements
Navigating HIPAA, HITECH, State Law and International Jurisdiction Challenges
Recording of a 90-minute CLE webinar with Q&A
This CLE course will provide guidance to healthcare counsel for managing privacy and security risks when using cloud computing to outsource the storage of patient information. The panel will also discuss key provisions to include in business associate agreements with cloud vendors to minimize liability exposure.
Outline
- Legal considerations under HIPAA, HITECH and state privacy laws
- Negotiating business associate agreements with cloud computing vendors
- Risk allocation/shifting provisions
- Liability for data breach
- Cybersecurity insurance considerations
- Challenges of international jurisdiction when patient information is stored outside of the United States
Benefits
The panel will review these and other key questions:
- What are the different cloud computing models available to healthcare providers?
- What measures should healthcare providers using cloud computing take to ensure compliance with HIPAA and state law privacy and security requirements?
- What risk allocation and mitigation provisions should counsel to hospitals and physicians include in business associate agreements with vendors to help mitigate liability for data breach?
Faculty

Joshua Carlson
Principal
Joshua Carlson
Mr. Carlson has over 15 years’ experience in data security and data privacy, and provides guidance to companies... | Read More
Mr. Carlson has over 15 years’ experience in data security and data privacy, and provides guidance to companies on obtaining and maintaining private and governmental compliance. He specializes in healthcare legal compliance with HIPAA, including performing audits, risk assessments, vendor risk assessments, and assessments in relation to BAs, subcontractors, breach and policies and documentation. He is currently Co-Chair of the Minnesota State Bar Data Privacy & Data Security Committee.
Close
Patrick X. Fowler
Partner
Snell & Wilmer
Mr. Fowler assists companies dealing with technology issues related to internet/e-commerce claims, intellectual... | Read More
Mr. Fowler assists companies dealing with technology issues related to internet/e-commerce claims, intellectual property disputes, data privacy and security concerns and e-discovery issues. He advises and assists clients with developing data storage and data security protocols (including cloud computing and cloud storage), information governance policies and procedures, document retention policies and electronic discovery processes. He is also a member of the Executive Council for the Arizona State Bar eCommerce and Technology section.
Close
Richard L. Green
Partner
McCarter & English
Mr. Green handles matters involving the sourcing, commercialization, use and protection of intellectual property,... | Read More
Mr. Green handles matters involving the sourcing, commercialization, use and protection of intellectual property, technology and technology-enabled products and services around the world. He assists clients in operational, governance and compliance matters with a particular emphasis on privacy and data security in regulated industries including the Health Insurance Portability and Accountability Act and the Gramm-Leach-Bliley Act. His experience in the healthcare industry includes matters related to health information exchange / EMR-EHR transactions, ICD compliance transactions, HIPAA technology transactions, and HIPAA compliance
Close