Health Information Technology – Law and Policy

Companies and organizations throughout the health care industry have invested an enormous amount of effort and money adopting and integrating information technology in an effort to promote quality care, efficiencies, and cost savings for the health care system as a whole.  Since the  passage of the Health Information Technology for Economic and Clinical Health (HITECH) Act in 2009, the focus on integrating information technology into the health care system has driven choices made by many C-suite decision makers for the future of their organizations. But while the promotion of information technology into health care holds the promise of helping reduce medical errors and improve the quality of health care, it also comes with potential peril related to the many thousands of complex rules and regulations and very sophisticated and resulting lengthy agreements between providers and IT vendors, consultants, and manufacturers.

And those regulations and agreements continue to grow ever more complicated.

The philosophy of Baker Donelson's Health IT team is to help clients understand the rules, then develop policies and procedures to avoid problems. We also realize that many clients, searching for a competitive advantage, are at the very forefront of information technology. So whether that client is a physician group participating in a state-sponsored Health Information Exchange (HIE) , an insurer transitioning to software as a service (SaaS) and cloud storage or a IT vendor creating its baseline documents, we have the expertise to help make that effort seamless.

Our Health IT Team integrates four critical areas of the Firm – the Health Law Department, the Business Technology Group, the Information Privacy and Security Management Group and the Public Policy Group. Working collaboratively, this interdisciplinary team has an unparalleled ability to meet client needs in a rapidly changing legal and technical environment.


Baker Donelson has one of the largest health law practices in the nation, representing hospitals and health systems, academic medical centers, medical device manufacturers, pharmaceutical companies, physician organizations and specialty care providers. The members of our Health Care Regulatory Task Force are well versed in issues related to Medicare and Medicaid reimbursement, meaningful use, HIPAA, fraud and abuse, Stark electronic health record (EHR)  donation concerns, compliance audits, and preventing and defending government investigations, and they are highly skilled at interpreting constantly changing regulations.

Business Technology

Because many of our clients employ cutting-edge technology, the attorneys in Baker Donelson's Health Law Department work closely with our Business and Technology Group, a multi-disciplinary team of lawyers with broad, deep knowledge of business technology law. These attorneys routinely negotiate complex agreements and have experience with virtually every type of transaction involving the purchase and sale of technology products and services, as well as related intellectual property issues.

Information Privacy and Security Management

Beyond HIPAA, Baker Donelson's attorneys help all types of organizations manage information security and privacy compliance and data incidents. Our proactive approach can help organizations maximize their return on technology and related investments through cost savings, enhanced profits and innovation. We work with companies to develop programs to comply with the myriad of federal and state laws as well as advise clients when they need us most- – when a data breach has or may have occurred. 

Public Policy

Sometimes the best thing Baker Donelson can do for a client is to help shape the rules. Working at both the federal and state levels, our Public Policy Group provides strategic counsel as well as day-to-day policy representation on a range of health care issues, helping to protect and advance clients’ interests at every stage of policy-making.