Jennifer Hennessy is a data privacy and cybersecurity attorney, advising clients ranging from multinational corporations to startups on all aspects of compliance with international, federal, and state data privacy and security laws. She is a partner in the firm’s Technology Transactions, Cybersecurity, and Privacy Practice, a member of the Telemedicine & Digital Health Industry Team, the Health Care & Life Sciences Sector, and Innovative Technology Sector.
Jennifer assists covered entities and business associates in complying with Health Insurance Portability and Accountability Act (HIPAA) and advises organizations on compliance with federal law 42 C.F.R. Part 2 (Confidentiality of Substance Use Disorder Treatment Records), the EU’s General Data Protection Regulation (GDPR), and state data privacy laws, including the California Consumer Privacy Act (CCPA).
She works with a broad array of clients in the telemedicine and digital health industry, most notably high-growth emerging companies and entrepreneurial technology groups. Her work focuses on health care privacy and security in digital health and multistate footprints. She also advises cash and self-pay telemedicine companies on privacy and security considerations.
Jennifer frequently guides clients through data incident management and the entire breach notification process, from the early stages of the investigation to the notification of affected individuals and government regulators, as well as through any resulting enforcement actions or regulatory investigations. Her depth of experience in this area allows her to provide clients with practical and business-oriented solutions in the event of a data incident and in its aftermath.
More Legal and Business Bylines From Jennifer J. Hennessy
- HIPAA: Failure to Report Breach Costs Hospital $2.175 Million - (Posted On Thursday, December 05, 2019)
- Proposed Changes to Part 2 Rules Ease Substance-Use Disorder Record Sharing - (Posted On Tuesday, August 27, 2019)
- HIPAA: OCR Releases New FAQs Clarifying Disclosures Amongst Covered Entities - (Posted On Friday, June 28, 2019)
- OCR Clarifies Direct Liability for Business Associates under HIPAA - (Posted On Thursday, May 30, 2019)
- Increased Interoperability of Health Information: Two New Proposed Rules - (Posted On Friday, February 15, 2019)
- DHHS Releases Guidance on Managing Cybersecurity Threats in the Health Care Sector - (Posted On Thursday, January 10, 2019)
- Lessons Learned from 2017 OCR HIPAA Enforcement Actions - (Posted On Monday, August 14, 2017)
- The Office of the National Coordinator Releases Guidance on Recent International Ransomware Campaign - (Posted On Wednesday, June 28, 2017)
- Global Ransomware Attack: Preparation is Key - (Posted On Monday, May 15, 2017)
- State Data Breach Notification Statutes: A Year in Review and Preparing for 2017 - (Posted On Friday, February 03, 2017)