Timothy M. McCrystal
Tim McCrystal is the co-chair of the health care practice group. Tim has over twenty years of experience advising health care providers, companies and investors on cutting-edge regulatory matters and transactions. He has extensive experience in structuring and negotiating health care affiliations, mergers and acquisitions, joint ventures, hospital-physician relationships, medical practice acquisitions, formation and reorganization of multi-institutional health care systems, and a variety of contractual arrangements and general business transactions.
Clients from all sectors of the health care industry also turn to Tim for counseling on a wide range of compliance matters, including the development and fine-tuning of their compliance programs. Tim has counseled clients at every stage of their compliance program lifecycle: initial development and implementation, routine assessment and audit, and periodic evaluation and revision.
Tim is also a recognized expert in the field of privacy and cybersecurity. He regularly advises clients on the full array of data privacy, protection and security matters relating to the HIPAA privacy and security rules. Tim has represented clients in highly publicized settlements with the United States Department of Health and Human Services, Office for Civil Rights stemming from alleged data breaches relating to the loss or theft of protected health information.
- Co-author, “Is the Current Anti-Kickback Enforcement Environment Stifling Innovation in Health Care?” Bloomberg BNA’s Health Law Reporter (August 10, 2017)
- Co-author, “Compliance And The Transition To Value-Based Care,” Law360 (May 31, 2017)
- Co-author, “Value-Based Health Care: 10 Things Investors Should Know,” Law360 (May 10, 2017)
- Quoted, “Prioritizing Healthcare Data Security in Aggregation, Sharing,” Health IT Security (April 19, 2017)
- Co-author, “What’s Ahead for Value-Based Health Care,” Law360 (March 1, 2017)
- Quoted, “6 Ways To Be A Go-To Firm For HIPAA Compliance,” Law360 (April 29, 2016)
- Quoted, “New HIPAA audits will target healthcare industry's business partners,” Modern Healthcare (March 21, 2016)
- “Data Security And State Health Insurance Exchanges,” Law360 (November 2013)
- “Security Rule Audits on the Way; Time to Invest in Technology Safeguards,” Healthcare Financial Management (February 2012)
- Presenter, “Emerging Trends in Health Care Joint Ventures,” AHLA Annual Meeting (June 2014)
- Presenter, “Odd Bed Fellows: The Emerging of Non-Traditional Alliances in the Healthcare Market,” Health Care Law & Compliance Institute (March 2014)
- Presenter, "The New Standard for Breach Under the Final Rule: Addressing and Identifying Incidents, Protections, Obligations and Liabilities," American Conference 3rd Annual HIPAA/HITECH Conference, American Conference Institute (May 2013)
- Moderator, “Federal Update on HIPAA and HITECH Privacy and Security Enforcement,” Boston Bar Association (April 2013)
- “Managing the Risk of Data Breaches and Preparing for Security Audits: Lessons Learned from the Field,” NACUA Annual Conference (June 2012)
- “OCR HIPAA Audits and Responding to Breaches,” AHLA Annual Meeting (June 2012)
- “HIPAA Audits – Guidance from the Past, Insights for the Future,” Coalfire Webinar (February 2012)
- “Breach: Incidents, Protections, Obligations and Liabilities,” Health Care Information Privacy and Security Forum (December 2011)