Christine Moundas

Partner

Christine Moundas is a partner in the firm’s health care practice group. She is also a co-head of the firm's digital health initiative and actively participates in the data, privacy & cybersecurity group. Christine provides strategic, regulatory, compliance, and transactional advice to health care clients, including health systems, hospitals, academic medical centers, long-term care providers, pharmaceutical companies, digital health companies, and investors. As part of her practice, Christine also counsels clients on privacy, security and breach matters, and focuses on emerging issues in the digital health space.

Prior to joining Ropes & Gray, Christine worked for over five years in the U.S. Department of Health and Human Services (“HHS”) Office of Inspector General. Her work focused on the oversight of certain aspects of federal reimbursement policy, federal fraud and abuse and program integrity initiatives, the Medicare administrative appeals process, as well as national health information technology initiatives.

Experience

Privacy, Security, and Breach Advising

Advising a wide array of health care players, both covered entities and business associates, on structuring and implementing HIPAA compliance programs and risk assessment processes.
Coordinating incident response and breach analysis activities for large cybersecurity incidents as well as more routine security and privacy incidents impacting health care clients.
Guiding response to several HHS Office for Civil Rights HIPAA compliance audits and investigations.
Advising pharmaceutical companies, device manufacturers, and digital health companies on privacy and security issues impacting their industries.
Structuring and advising quality improvement collaboratives engaged in complex data exchange and benchmarking activities as well as related research initiatives, including statewide quality improvement initiatives in multiple states.

Digital Health

Advising Electronic Health Record (“EHR”) vendors, Health Information Exchange (“HIE”) entities, HIE vendors, Health App providers and other digital health companies in navigating complex regulatory issues, including certified EHR technology requirements.
Counseling large health systems and other health care providers on the EHR Meaningful Use program requirements and assisting with response to numerous related audits.
Advising a leading academic medical center in connection with the negotiation and implementation of an enterprise-wide EHR system.
Assisting with development and review of Health Apps and portals, including terms of use, privacy policies, vendor agreements, consents and authorizations.
Advising medical device manufacturers and start-ups on regulatory considerations related to proposed Artificial Intelligence (“AI”) applications in the health care space.

Health Care Transactions

Representing large health systems in major transactions, including for-profit mergers and not-for-profit affiliations.
Advising private equity companies in investments in health provider entities and health care companies, including digital health companies.
Guiding private equity, for-profit and tax-exempt clients through health care due diligence, regulatory and reimbursement issues.
Advising long-term dialysis joint venture in multi-year expansion.

Health Care Compliance and Operational Advice

Advising on Medicare and Medicaid compliance and reimbursement matters, including SNF-PPS, PQRS and MACRA requirements, reimbursement appeals, medical necessity audits, etc.
Assisting with complex licensure and certification matters, including termination proceedings. Developing complex plans of correction for significant CMS survey statements of deficiencies, and assisting with Systems Improvement Agreement negotiations with CMS.
Overseeing many New York certificate of need applications for various facility types, including hospitals, dialysis centers, adult care facilities and assisted living residences.

Publications

Co-author, “ONC proposes significant changes to health IT certification program and information blocking rule,” Westlaw Today (May 3, 2023)
Co-author, “Solving the Cybercrime Collective Action Problem,” New York Law Journal (March 6, 2023)
Co-author, “California Privacy Law Hold Implications for Mental Health Apps,” Law360 (February 1, 2023)
Co-author, “FTC’s GoodRx Action Highlights Risks for Digital Health Companies,” Law360 (February 14, 2023)
Co-author, “California Privacy Law Holds Implications for Mental Health Apps,” Law360 (February 1, 2023)
Co-author, “What CMS E-Records Proposal Means for Hospitals” Law360 (May 27, 2022)
Profiled, Healthcare Information & Management Systems Society, HIMSS-TV (January 5, 2022)
Co-author, “What DOJ's Cyberfraud Initiative Means For Health Cos.,” Law360 (December 22, 2021)
Co-author, “Health Info Blocking Rule Creates Opportunities For Research,” Law360 (March 8, 2021)
Co-author, “Digital Health 2021: Trends in Big Data, AI, Telehealth, and Beyond,” Bloomberg Law (January 4, 2021)
Co-author, “2 Major Digital Health Trends Driven By COVID-19,” Law360 (December 22, 2020)
Co-author, “Recent CCPA Amendment Brings Welcome Clarifications, But Also New Obligations Around De-Identified Patient Data,” Legaltech News and Law.com (October 20, 2020)
Co-author, “California Bill Clarifies Privacy Law’s Ambiguities for Medical, Research Communities,” Bloomberg Law (February 13, 2020)
Quoted, “Reimbursement Remains a Barrier to Digital Health Adoption,” Managed Healthcare Executive (November 30, 2019)
Co-author, “HHS Sets Out to Tackle Health Information Access and Exchanges,” Law360 (February 22, 2019)
Co-author, “Drawing A Road Map For Nationwide Health Info Sharing,” Law360 (February 15, 2018)
Co-author, “Agency Guidance Limits May Shift Health Care Enforcement,” Law360 (February 9, 2018)
Co-author, “Small-Breach Focus Shows Growing Scope Of HIPAA Probes,” Law360 (September 27, 2016)
Co-author, “Modifying CMS Medicare And Medicaid Incentive Programs,” Law360 (July 2, 2014)

Presentations

Presenter, “The Convergence of Data Security, Governance, and Privacy in the Context of Modern Data Protection and Privacy Regulations,” Global GRC, Data Privacy & Cyber Security ConfEx (May 31, 2023)
Panelist, “Online Tracking Technologies: New HIPAA and FTC Guidance and Actions Change the Enforcement Landscape,” HLTH GoLIVE Webinar (March 9, 2023)
Presenter, “Finding Purpose in Practice: Profit and Career Fulfillment in an Age of Corporate Responsibility,” Fordham Corporate Law Center (October 11, 2022)
Speaker, “Navigating Digital Health Investments and the Dealmaking Landscape,” Ropes & Gray and Life Sciences Executives network webinar (September 2, 2020)
Speaker, “California Consumer Privacy Act: Impact on Health Care and Life Sciences Companies,” AHLA Life Science Educational Call (February 24, 2020)
Presenter, “From Innovation to Solutions: Building Strategic Partnership in an Evolving Digital Health Landscape,” Ropes & Gray Digital Health Forum (September 18, 2019)
Co-presenter, “Big Data in Health Care - Research Registries, Quality Improvement Collaboratives, Health Information Exchanges and Beyond,” Ropes & Gray Privacy and Cybersecurity Summit (February 2018)
Co-presenter, “Healthcare Ransomware and Cybersecurity Incidents – Prevention, Response and Analysis,” Ropes & Gray Privacy and Cybersecurity Summit (February 2018)
Presenter, “The Role of Digital Health in the Shift to Value-Based Health Care,” Ropes & Gray Teleconference (May 2017)
Presenter, “Handling and Protecting Sensitive Data: Beyond FERPA & HIPAA,” Ropes & Gray Webinar (June 2014)

Education

JD, Fordham University School of Law, 2010
MPH, Columbia University Mailman School of Public Health, 2006; Regina Loewenstein Prize for Academic Excellence in Health Policy and Management
BA, with Distinction, Yale University, 2004