Ira Parghi is counsel in Ropes & Gray’s health care law group in San Francisco and a member of the firm’s digital health practice and its privacy and data security group.
Ira advises health care and life sciences clients on a range of health information issues, including the collection, use, and disclosure of clinical and research-related health information and the handling of potential privacy and security incidents and their investigation by federal and state regulators. She counsels clients on the growing number of requirements governing electronic health records and other digital health technology, including Meaningful Use, consent and privacy, interoperability, and cybersecurity. She also advises on privacy- and security-related diligence and disclosures in the context of corporate transactions.
Additionally, Ira has advised, written, and presented on a range of topics relating to value-based health care (“VBHC”). These include trends in VBHC relevant to medical technology companies, the role of digital health and data analytics in VBHC, and the compliance challenges that traditional patient privacy and health care fraud and abuse laws may pose to VBHC arrangements.
Ira’s extensive experience in health care has also seen her advise and publish on a wide range of other topics, including drug pricing legislation, European privacy law developments relevant to pharmaceutical companies, the management of adverse events, and the conduct of internal hospital reviews and quality control investigations. Having served as legal counsel to a large Canadian insurance reciprocal for public hospitals, Ira is also experienced in defending health care institutions engaged in civil litigation and in providing them with strategic risk management advice.
Prior to joining the firm, Ira was the Corporate Privacy Officer for one of the country’s largest hospital systems. Before that, she was a partner in the health law group at Borden Ladner Gervais LLP.
- Advising a medical technology company on HIPAA Privacy and Security Rule questions, including with respect to proposed new “smart” technologies and the provision of services relating to such technologies.
- Counseling a recently-formed health information technology company on health information privacy and security matters.
- Providing guidance to health care and investment management companies on the health information privacy-related aspects of potential transactions.
Advised a digital health company on the state privacy law implications of a proposed new product.
Counseled an academic medical center on research-related informed consent and privacy laws, including with respect to a digitally-driven medical research project.
Seconded part-time to assist a university privacy office with a broad array of matters, including the investigation, remediation, and documentation of potential privacy incidents; and privacy and security-related inquiries arising in the clinical research context.
Counseled pharmaceutical companies on informed consent and privacy laws in the conduct of sponsored research.
Advised a large health care provider on its handling of potential privacy incidents, including possible reporting obligations to the United States Department of Health and Human Services, Office for Civil Rights and to state regulators.
Provided guidance to a large insurer on questions relating to the collection and use of genetic information.
Advised an academic medical center on complex matters regarding the disclosure of health records of minor patients.
Provided guidance to a social services organization on various health information-related issues arising from a large-scale transfer of community-based health care programs and services.
Supervised all aspects of the handling of several hundred patient privacy-related inquiries and investigations, including their investigation, analysis, documentation, and remediation, and any applicable reporting requirements to patients, and federal and state regulators.*
Responded to numerous HIPAA- and state law-related inquiries or investigations from federal and state regulators.*
Transactions that were completed before joining Ropes & Gray.*
- Co-author, “Your Bitcoin or Your Business: The Growing Threat of Ransomware Across Industries,” Westlaw Journals (December 2017)
- Co-author, “California’s New Focus on Drug Pricing Transparency,” Law360 (November 16, 2017)
- Co-author, “Blurring the Line Between Health Care Provider and Payor,” Law360 (September 20, 2017)
- Author, “How Can We Make EHR Access Less Unwieldy for Patients and Providers?” MedCity News (August 30, 2017)
- Quoted, “Top 7 Tips for Small Practices to Invest in Technology,” Medical Economics (August 10, 2017)
- Co-author, “4 Predictions for Value-Based Care and Digital Health,” Law360 (June 29, 2017)
- Quoted, “What You Think You Know About HIPAA Might Be Wrong,” Healthcare Risk Management (June 1, 2017)
- Author, “Where is the Future of HIPAA Enforcement Heading,” MedCity News (May 22, 2017)
- Quoted, “GOP Repeal-And-Delay Plans Spell Uncertainty For Insurers,” HealthcareDive (December 14, 2016)
- Co-author, “Digital Health 101: There’s No Regulator-Free Path to the Digital Health Market,” Bloomberg BNA Health IT Law & Industry Report (May 9, 2016)
- Co-author, “Big Data and HIPAA Privacy–Threshold Questions to Ask,” Pharmaceutical Compliance Monitor (March 21, 2016)
- Co-author, “Clearing Up Developer Health App Questions,” Law360 (February 26, 2016) (Subscription required)
- “The Report on Improving Cybersecurity in the Health Care Industry and its implications for the health industry,” Ropes & Gray Webinar (November 2017)
- “Developments in value-based health care,” Ropes & Gray Life Sciences Roundtable (November 2017)
- “The Role of Digital Health in the Shift to Value-Based Health Care,” Ropes & Gray Webinar (May 2017)
“Developments in EU privacy law,” Ropes & Gray Small Pharma Compliance Roundtable (March 2017)
- “Best Practices in Research Data Sharing and Licensing,” the Association of University Technology Managers (AUTM) Annual Meeting (March 2017)
- “Data Sharing and Licensing: Best Practices and Ongoing Questions,” Association of Corporate Counsel - San Francisco Bay Area CLE seminar (May 2016)
- “Money and Data in Risk-Bearing Provider Networks: Fraud and Abuse, Privacy, and How to Have Your Cake and Eat it Too,” Healthcare Law & Compliance Institute (March 2016)
- “Medical Software: Evolving FDA Policies and Privacy Regulation,” medical and consumer goods company regulatory attorney meeting (July 2015)
- “Research Data Sharing and Licensing: Best Practices and Ongoing Questions,” university technology licensing office meeting (June 2015)
- “Disentangling the Gordian Knot: Privacy and Compliance,” Digital Health Summer Summit (June 2015)
- “Lifestyle Data and Health Apps - Minding the Gap between the FDA, FTC, and Health Care Laws,” Association of Corporate Counsel - San Francisco Bay Area CLE seminar (June 2015)
- “Sensitive Data & The Business Judgement Rule,” Association of Corporate Counsel - San Francisco Bay Area CLE seminar (February 2015)
- “What You Need to Know about HIPAA Privacy and Research,” The Feinstein Institute for Medical Research Public Research Education Program (December 2011)
- “HIPAA Issues in Clinical Care,” Lenox Hill Hospital medical resident education seminar (October 2011)