Jo-Ellyn Sakowitz Klein is a leader in the firm’s interdisciplinary cybersecurity, privacy and data protection initiative. She handles privacy, data security, data breach preparedness and data breach response matters for clients across many industries, with a special emphasis on the health sector.
Jo-Ellyn devotes a substantial portion of her practice to assisting clients with issues arising under state and federal privacy, data security, and data breach notification laws and regulations, including:
- Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH)
- Gramm-Leach-Bliley Act
- State privacy laws
- Data security laws
- Data breach notification laws.
She has examined privacy and data security issues arising in settings ranging from hospitals to clinical research to professional sports to investment firms.Jo-Ellyn regularly assists clients in their efforts to comply with applicable privacy and data security laws, especially in the health sector.
She has handled data breach responses for clients, including academic medical centers, health plans and investment firms.Jo-Ellyn assists clients from start-up ventures to institutional clients in structuring relationships and drafting contracts that address privacy and data security issues. She has led the privacy team working on major transactions involving the transfer of customer or patient data.
- Assisting clients facing allegations raised by individuals in HIPAA complaints filed with federal regulators.
- Developing HIPAA and HITECH compliance tools for clients ranging from health care providers to health software vendors to health plans, including privacy policies and procedures, employee training programs, vendor contracting forms, authorization forms, privacy notices and other materials.
- Assisting clients, including those that are not mainstream health industry participants, in determining the extent to which they must comply with HIPAA and HITECH.
- Drafting and negotiating agreements that address privacy and data security issues, including services agreements, confidentiality agreements, personal information security agreements, and HIPAA business associate and data use agreements.
- Helping clients prepare for, and respond to, data breaches, including developing data breach response plans, evaluating whether breach notification requirements under state and federal law have been triggered, preparing breach notices for affected individuals, and preparing breach notices and reports for regulatory authorities.
- Certified Information Privacy Professional/United States (CIPP/US), International Association of Privacy Professionals, 2014.
- J.D., Georgetown University Law Center, 1998
- A.B., Duke University, 1994
- Certificate, Duke University, 1994
- District of Columbia
Rate : $$$