Timothy M. McCrystal


  • JD, Suffolk University Law School, 1989
  • BA, Colby College, 1984


  • Massachusetts, 1989
  • Editorial Advisory Board Member, Law360 Health Care
  • The National Law Journal, Trailblazer (2019)
  • Legal 500 (2014-2016, 2018, 2020)
  • Chambers USA: America's Leading Lawyers for Business (2014-2020)
  • The Best Lawyers in America “Lawyer of the Year” - Health Care Law (2020)
  • The Best Lawyers in America (2007-2017, 2019-2021)

Timothy M. McCrystal


Tim McCrystal is the co-chair of the health care practice group. Tim has over thirty years of experience advising health care providers, companies and investors on cutting-edge regulatory matters and transactions. Most recently, Tim has been counseling clients impacted by the COVID-19 pandemic by providing critical guidance around issues related to operational preparedness and business continuity planning, among others.

In addition, Tim has extensive experience in structuring and negotiating health care affiliations, mergers and acquisitions, joint ventures, hospital-physician relationships, medical practice acquisitions, formation and reorganization of multi-institutional health care systems, and a variety of contractual arrangements and general business transactions. 

Clients from all sectors of the health care industry also turn to Tim for counseling on a wide range of compliance matters, including the development and fine-tuning of their compliance programs. Tim has counseled clients at every stage of their compliance program lifecycle: initial development and implementation, routine assessment and audit, and periodic evaluation and revision.

Tim is also a recognized expert in the field of privacy and cybersecurity. He regularly advises clients on the full array of data privacy, protection and security matters relating to the HIPAA privacy and security rules. Tim has represented clients in highly publicized settlements with the United States Department of Health and Human Services, Office for Civil Rights stemming from alleged data breaches relating to the loss or theft of protected health information.



  • Panel Moderator, “The Rise of Disruptors and the Changing Face of Deal Activity,” Ropes & Gray’s From the Boardroom Seminar, San Francisco, CA (January 12, 2020)
  • Speaker, “Impact of value-based agreements on the diagnostic market,” Q1 Productions, 13th Semi-annual Diagnostic Coverage & Reimbursement Conference, Boston, MA (December 7, 2019)
  • Moderator, “Value-Based Health Care: Emerging Business Models & Legal Risks,” Consero Healthcare General Counsel Forum (October 29, 2018)
  • Moderator, “A Global Reach: Considering International Affiliations,” Consero Healthcare General Counsel Forum (October 29, 2018)
  • Presenter, “Value-Based Health Care: Contracting Opportunities and Challenges for the Pharmaceutical Industry,” BIO General Counsel’s Committee Forum (April 12, 2018)
  • Panelist, “Innovative Business Models in the Emerging Value-based Health Care Landscape,” Will Value-based Care Save the Health Care System? Conference at Harvard Law School Petrie-Flom Center for Health Law Policy, Biotechnology, and Bioethics (March 2, 2018)
  • Panelist, “Healthcare Ransomware and Cybersecurity Incidents: Prevention, Response and Analysis,” Ropes & Gray Privacy & Cybersecurity Summit (February 2018)
  • Presenter, “Emerging Trends in Health Care Joint Ventures,” AHLA Annual Meeting (June 2014)
  • Presenter, “Odd Bed Fellows: The Emerging of Non-Traditional Alliances in the Healthcare Market,” Health Care Law & Compliance Institute (March 2014)
  • Presenter, "The New Standard for Breach Under the Final Rule: Addressing and Identifying Incidents, Protections, Obligations and Liabilities," American Conference 3rd Annual HIPAA/HITECH Conference, American Conference Institute (May 2013)
  • Moderator, “Federal Update on HIPAA and HITECH Privacy and Security Enforcement,” Boston Bar Association (April 2013)
  • “Managing the Risk of Data Breaches and Preparing for Security Audits: Lessons Learned from the Field,” NACUA Annual Conference (June 2012)
  • “OCR HIPAA Audits and Responding to Breaches,” AHLA Annual Meeting (June 2012)
  • “HIPAA Audits – Guidance from the Past, Insights for the Future,” Coalfire Webinar (February 2012)
  • “Breach: Incidents, Protections, Obligations and Liabilities,” Health Care Information Privacy and Security Forum (December 2011)
  • JD, Suffolk University Law School, 1989
  • BA, Colby College, 1984
Cookie Settings