About Megan Hardiman

A recognized leader in the health care industry, Megan Hardiman, co-head of the firm's Privacy, Data and Cybersecurity group, helps health care clients manage their most sensitive information. Clients turn to Megan for help with HIPAA and information privacy issues so they understand how they can use and disclose data and put best practices into place. When a data breach occurs, she helps clients implement a prompt and appropriate response, including serving as a breach "coach," managing the incident response process, working with forensics, notification and crisis communications vendors, and responding to regulatory inquiries and enforcement actions. Megan also has more than 20 years of experience representing health care industry clients on a wide range of health care regulatory matters and transactions.

HIPAA and sensitive data protection from the ground up

Megan is co-head of the firm's privacy, data and cybersecurity group and devotes a significant portion of her practice to helping health care industry clients understand and meet HIPAA and other data privacy and security requirements. Her experience includes advising clients in proactively developing appropriate data breach and crisis communications plans and in conducting breach readiness exercises, as well as responding in the event of an actual data breach. Megan also regularly advises clients on a range of HIPAA compliance issues.

Megan's transactions experience includes sales, acquisitions and affiliations involving a wide variety of health care industry clients, such as hospitals and health systems, home infusion companies, senior housing providers, urgent care centers, physician practice management companies and medical colleges. She has also represented tax-exempt health systems in structuring complex joint operating agreements and affiliations with unrelated health systems, and has obtained favorable rulings from the IRS on the consequences of these and other transactions among tax-exempt organizations.

Megan frequently speaks and authors articles on privacy, data breach planning and response, and a range of other health care regulatory matters.

⇣   Expand to read more

Practice Focus

  • HIPAA and health care privacy law
  • Data breach and crisis communications plans and breach readiness exercises
  • Data breach response management
  • HIPAA and other privacy policies and procedures and training materials
  • Privacy investigations, audits and enforcement actions
  • Health care regulatory advice on corporate transactions
  • Tax exemption issues for 501(c)(3), (c)(4) and (c)(6) organizations

Presentations and Events