Ropes & Gray LLP











Search
Go
Site MapDisclaimerContact UsPrivacy Policy
Health IT

Ropes & Gray LLP has extensive experience in the representation of vendors and users of Health IT services and products as well as investors in the Health IT sector. We possess a keen understanding of the business needs of our clients, the rapidly evolving regulatory landscape, and prevailing industry practices.

Drawing upon our extensive health care, regulatory, transactional, IT, life sciences, FDA, intellectual property, private equity, and venture capital resources, we provide comprehensive services in all areas germane to financing, developing, commercializing, procuring, licensing, deploying, and managing Health IT.

We advise numerous clients on compliance with the Health Information Technology for Economic and Clinical Act (the HITECH Act), a major component of the American Recovery and Reinvestment Act. Under the HITECH Act, the deployment of health information technologies may qualify for grants and Medicaid/Medicare payments and avoid drastically reduced reimbursements.

Transactions

  • Health IT Customers and Users. We represent Health IT users in all aspects of technology, service and data procurement, licensing, outsourcing, and business process arrangements. Our clients include prominent health care institutions, universities and physician groups, such as Stanford University Medical Center, Dana Farber Cancer Institute, Children’s Hospital (Boston), Lahey Clinic Hospital, Beth Israel Deaconess Medical Center, Massachusetts Eye and Ear Infirmary, El Camino Hospital (CA), Morris Heights Health Center (NY), PriMed Management, and Settlement Health (NY).
     
  • Health IT Companies. We represent a broad range of companies that develop, market and sell Health IT technologies, software and services in transactions designed to generate financing, monetize technology and IP assets, structure and restructure IP portfolios, and penetrate markets.
     
  • Health IT Investors and Underwriters. We represent numerous leading private equity and venture capital firms and underwriters in the Health IT sector in all corporate and due diligence aspects of their investments. We help them assess their target companies’ compliance with federal and state regulations, evaluate potential exposure for non-compliance, and promulgate remedial steps.
     
  • Comprehensive Transactional Services. We are experienced in domestic and global:
    • Technology and IP asset acquisitions, divestitures and spin-outs;
    • Joint ventures, alliances, teaming and collaborations;
    • Outsourcing and insourcing of applications development, supply side/manufacturing, service, and business processes functions;
    • Complex licensing and distribution;
    • Structuring and restructuring of IP portfolios; and
    • Cross-border transactions, especially involving the European Union, Japan, India, China, Korea, Latin America, and Israel.

Regulatory Compliance

We routinely counsel on implementation of interoperable health information technology (HIT) and electronic health record (EHR) systems in the public and private sectors. We work closely with hospitals, providers, physician groups, quasi-state agencies, and Health IT vendors to design, license, implement and operate systems that integrate patient health information into a centralized network compliant with federal and state regulations, including:

  • HIPAA: HIT compliance with privacy and security regulations including the Health Insurance Portability and Accountability Act (HIPAA), and the extension of HIPAA to business associates and breach notifications laws.
     
  • Physician Self-Referral (Stark) Laws: Referrals of Medicare patients to related entities for “designated health services.”
     
  • Anti-Kickback Laws: The legality of remuneration for referrals of items or services reimbursable by a federal health care program.

Privacy And Security

We advise on all aspects of privacy and information security applicable to Health IT, including:

  • Compliance and Counseling: Federal, state, and industry-based data protection and privacy requirements, including under HIPAA, Gramm-Leach-Bliley (GLBA), Children’s Online Privacy Protection Act (COPPA), Fair and Accurate Credit Transactions Act (FACTA), Fair Credit Reporting Act (FCRA), U.S.-E.U. Safe Harbor Program, and a multitude of state privacy and information security laws.
     
  • Data Breaches and Intrusions: Litigation, government investigations, and transaction-related issues arising out of data security breaches, including risk analysis and post-incident responses.
     
  • Information Security Programs: Development of comprehensive information security and privacy compliance programs.
     
  • Certification Programs: Certification program issues, such as Payment Card Industry Data Security Standards (PCIDSS).

Representative Health Care IT Experience

  • Advised an academic medical center in connection with the implementation of EHR software and steps to become a “meaningful user” of EHR technology.
  • Advising a regional health care provider in negotiation of a health care IT co-hosting and outsourcing agreement.
  • Represented Goldman Sachs in its IPO of athenahealth, Inc.
  • Advised Partners HealthCare System, Inc. on various data security matters.
  • Advised leading academic medical centers in connection with the negotiation and implementation of system-wide electronic medical record (EMR) system and electronic prescribing (eRX) system and subsequent sublicensing to multiple physician groups.
  • Represented Morgan Stanley in its IPO of MedAssets, Inc.
  • Advised a large East Coast communities hospital in connection with the negotiation and licensing of an electronic health records (EHR) system.
  • Advised a leading children’s hospital in connection with the licensing of an enterprise-wide care management software system.
  • Advised a long-term residential provider in connection with the licensing and implementation of a multi-tiered, multi-vendor clinical and billing software upgrade.
  • Advised a non-profit health care system with the negotiation, licensing and implementation of a core system replacement for claims administration.
  • Advised a major international software technology company in connection with regulatory compliance issues, including those under federal privacy and security rules, relating to the development and operation of health information exchange platforms and infrastructure.
  • Represented Citigroup Global in the IPO of Medidata Solutions, Inc.
  • Advised a leading provider of geriatric health care services in connection with the negotiation and purchase of a system-wide electronic medical record (EMR) system.
  • Advised a large physicians practice in connection with the negotiation of a health information exchange agreement.
  • Advised a health care software provider in connection with encryption and other security based requirements under federal and state law.

For more information, please contact:

Michael D. Beauvais
617.951.7601

Harry Rubin
212.596.9105

Susan M. Galli
617.951.7497
©1996-2012 Ropes & Gray LLP. All rights reserved.
Back