Health Care & Insurance

Beckage counsels clients in the health care sector including pharmaceutical companies, hospitals and health care providers, cannabis, biotechnology and medical device companies. Beckage also consults those in the cannabis industry on matters related to data, data privacy and security (learn more). Beckage’s health care and insurance clients rely on us to maintain sensitive personal information and ensure compliance with privacy provisions of HIPAA, HITECH, and other regulatory schemes, respond to regulatory inquiries, and defend against products liability and private tort lawsuits. Our transactional capabilities include advising health care clients on licensing, employment contracts, and M&A matters.

Beckage lawyers are seasoned health law attorneys with practical in house counsel experience in health and insurance organizations, former regulators in health and insurance matters, and former technologists.  It is this unique background that allows Beckage to advise on cutting edge and emerging technologies with the practical know-how related to health law.

The Beckage Team provides risk assessments, cyber insurance review, and data incident preparedness to our healthcare & insurance clients.

Interoperability and Patient Access

Our health law practice has been immersed in the interoperability final rules released by HHS on March 9, 2020. We are helping our clients proactively address the legal and technical requirements of these new rules. As privacy and security attorneys with a focus in technology, our lawyers are uniquely positioned to understand the technical and compliance nuances of this Rule. We work with clients to develop compliance plans that align to the rule.

We can offer a number of high-impact deliverables that we believe would be especially effective for our clients, including:

• A high-level summary of the rule for leadership and/or Boards;

• Technical/legal summaries for compliance and procurement personnel;

• API vendor RFP criteria;

• Contract drafting and negotiation;

• Internal API policies and protocols (e.g., denial criteria, security attestations; privacy and security protocols, required data elements);

• Documentation and retention policies; and

• External communications required under the rule.