Quick Results
Professional Photo
Professionals

Gina Ginn Greenwood, CIPP/US

Shareholder
Atlanta
T: 478.765.1804
F: 404.238.9612
Macon
T: 478.765.1804
F: 478.750.1777

Gina Greenwood is a U.S. Certified Information Privacy Professional and has represented clients in numerous matters involving data protection, privacy, and cybersecurity.

Featured Videos

The Latest in Data Breach Preparedness and Responses for Higher Education March 12, 2018
The Evolving Landscape of Data Privacy and Cybersecurity in the Financial Services Industry January 25, 2017

Featured Experience

Provided direct, daily (offsite and onsite) general business and regulatory compliance guidance to health systems, hospitals, psychiatric facilities, pharmacies, skilled nursing facilities, hospices, dialysis companies, personal care homes, physician/dental practices and ambulance providers.

Served as lead and/or co-regulatory compliance counsel in corporate transactions valued at up to $1 billion.

Successfully defended numerous hospitals in EMTALA investigations, including drafting plans of correction and representing entity at administrative Quality Improvement Organization (QIO)/Physician Review Organization (PRO) hearings; drafted and implemented extensive EMTALA compliance programs; provided direct on-site support for hospitals; defended providers in private litigation claims, provided employee and medical staff training. 

Professional Biography

Overview

Ms. Greenwood concentrates her practice on a wide range of privacy/security matters. 

These include cyber liability, risk management, big data issues, financial, personal and medical data breaches and the investigation, response, notification and defense of data breaches, HIPAA Privacy and Security Rule compliance and HIPAA breaches; HITECH Act Compliance (including HIPAA updates, meaningful use of Certified EHR incentive program compliance and meaningful use audit responses); Red Flag Rules compliance; Genetic Information Nondiscrimination Act (GINA) compliance; 42 C.F.R. Part 2 federal alcohol and drug abuse privacy compliance, FTC Act privacy/security compliance, PCI Standard Compliance, state privacy laws, identity theft, IT and EHR implementation and donation; Patient Protection & Affordable Care Act (Health Reform or PPACA) and physician integration accountable care organizations (ACOs); Emergency Medical Treatment and Labor Act (EMTALA) compliance, investigations, hearings, and survey responses; fraud and abuse compliance plans, advice and investigations (Stark Law, Anti-Kickback Statute and False Claims Act, etc.); Medicare/Medicaid audits, Joint Commission and licensure compliance and training boot camps; reimbursement issues; certificate of need (CON) matters; hospital and medical staff bylaw drafting and revision; drug diversion and self-reporting; risk management assessments; emergency preparedness (pandemic/Ebola); mental health issues and psychiatric and substance abuse involuntary commitment and guardianships; corporate health care transactions (including due diligence, change of ownership and compliance issues); contract drafting and general business advice; and many other regulatory and compliance matters pertinent to large and small businesses, device/pharmaceutical manufacturers and health care entities (such as hospitals [including psychiatric and critical access hospitals], pharmacies, hospices, skilled nursing facilities, dialysis centers, clinics, physician/dental practices, home health agencies and assisted living facilities).

Ms. Greenwood has authored numerous data privacy/security and health care materials including HIPAA Privacy and Security policy manuals, licensure policy manuals, Internet-based employee training modules, fraud and abuse compliance plans/programs and employee manuals. She is a frequent speaker on the topics of licensure/Joint Commission compliance, avoiding medical malpractice, reporting medical errors, electronic health records, fraud and abuse, HIPAA and EMTALA compliance data breaches and various other health care topics.

Prior to graduating from law school at Mercer University, Ms. Greenwood interned for the Honorable Judge Tommy Day Wilcox Jr., Superior Court Judge of the Macon Judicial Circuit in the summer of 1999.

Ms. Greenwood received her J.D. degree with Advanced Legal Writing Certification from Mercer University School of Law, where she earned the Faculty's Award for Outstanding Achievement in Legal Writing. Ms. Greenwood has been recognized in Chambers USA as a leading lawyer in health care and has been selected as one of "Georgia's Legal Elite" in Healthcare Law by Georgia Trend Magazine. Ms. Greenwood was selected by the U.S. Commission on Civil Rights as a national EMTALA legal expert and provided oral testimony for a U.S. Commission on Civil Rights (USCCR) hearing in Washington, D.C., and corresponding written testimony, which was included in the USCCR "Patient Dumping" report to U.S. Congress (submitted September 2014).

Ms. Greenwood plays a very active role in her community and various civic organizations, including her church. Ms. Greenwood serves on the Vineville United Methodist Church Pleasant Hill Committee. She recently rotated off the United Methodist Women Executive Board, the Counsel on Ministries Committees and the Goodwill Fundraising Gala Committee. She serves on Campus Clubs Ministries Board of Directors. She and her husband also serve as host parents to a child at the Masonic Home of Georgia.

Representative Matters
  • Provided direct, daily (offsite and onsite) general business and regulatory compliance guidance to health systems, hospitals, psychiatric facilities, pharmacies, skilled nursing facilities, hospices, dialysis companies, personal care homes, physician/dental practices and ambulance providers.

  • Served as lead and/or co-regulatory compliance counsel in corporate transactions valued at up to $1 billion.

  • Successfully defended numerous hospitals in EMTALA investigations, including drafting plans of correction and representing entity at administrative Quality Improvement Organization (QIO)/Physician Review Organization (PRO) hearings; drafted and implemented extensive EMTALA compliance programs; provided direct on-site support for hospitals; defended providers in private litigation claims, provided employee and medical staff training. 

  • Successfully defended numerous providers through HIPAA breaches and personal data security breaches and the corresponding federal and state law requirements and investigations; served as regulatory counsel in privacy lawsuits.

  • Co-authored 700 pages of policies and procedures, presented lectures at statewide hospital training conferences and conducted daily help-line services for a hospital association's HIPAA Privacy and Security Compliance Program.

  • Advised HIPAA Covered Entities and Business Associates in HIPAA Privacy, Security and Breach Notification compliance and state consumer privacy compliance.

  • Served as lead regulatory attorney advising hospitals in the implementation of electronic health records systems (meaningful use) and the donation of technology to physician groups.

  • Successfully counseled numerous hospitals and eligible providers in meaningful use or certified electronic health records audits.

  • Analyzed and structured numerous business, marketing and regulatory scenarios to assist hospitals (and other health care entities) and device/pharmaceutical manufacturers in complying with the fraud and abuse laws.

  • Authored fraud and abuse compliance plans/programs, codes of conduct and employee manuals for various types of health care entities; served as regulatory counsel to clients and the litigation teams in fraud and abuse government investigations.

  • Served as regulatory counsel in numerous fraud and abuse internal and governmental investigations.

  • Counseled numerous providers through drug theft and diversion and corresponding reporting and risk management issues.

  • Drafted and implemented psychiatric hospitals' policies and procedures to address Part 2 Compliance, patient rights notification, involuntary/voluntary due process and forced medication.
  • Worked closely with providers to affect change in statutes and regulations.
  • Conducted risk assessments of major health systems to develop work plan to address and reduce legal liabilities.

  • Drafted PCI Compliance programs for merchants.

  • Provided certificate of need (CON) counsel to numerous hospitals and nursing homes.
Professional Honors & Activities
  • Certified by the International Association of Privacy Professionals as a Certified Information Privacy Professional for U.S. Sector (CIPP/US)
  • Listed in Best Lawyers in America® in Health Care Law (2018, 2019) 
  • Listed in Chambers USA: America's Leading Lawyers for Business as a leading Healthcare Lawyer in Georgia (2011 and 2012)
  • Selected as one of "Georgia's Legal Elite" in Healthcare Law by Georgia Trend Magazine (2012)
  • Member – Georgia State Bar Association (Health Law Section)
  • Member – American Health Lawyers Association
  • Member – Georgia Academy of Healthcare Attorneys
  • Member – International Association of Privacy Professionals (IAPP)
  • Submitted written testimony and orally testified at the United States Commission on Civil Rights Briefing as legal expert on EMTALA law.
Publications
Speaking Engagements
  • "Baker Donelson Compliance Symposium" (November 2017)
  • "Cyber Risks and Data Do's and Don'ts," HCCA Atlanta Regional Conference (January 2017)
  • Co-speaker – "Preparing Today for the Data Breach of Tomorrow," Greater North Fulton Chamber of Commerce Tech Forum (March 2016)
  • Keynote Speaker – "The Law of Health Care Technology: The Trends of Big Data," Mercer Law School Health Law Week (February 2016)
  • Co-speaker – "Legal and Policy Trends in Healthcare," The VHA Georgia 2016 MEC Institute, Greensboro, Georgia (January 2016)
  • "EMTALA and the Behavioral Health Patient," webinar, American Health Lawyers Association (May 2015)
  • "EMTALA and Mental Health," Council on Psychiatric & Chemical Dependence Hospitals (October 2014)
  • "EMTALA and Mental Health: Managing the Mental Health Patient," Georgia Hospital Association Georgia Society for Clinical and Resource Management (GSCRM), Macon, Georgia (October 2014)
  • "Cyber Liability for Health Entities and Their Vendors - Preventing and Managing Breaches To Help Avoid the Big Payouts," Cyber Liability Team Training Seminar, New York, New York (October 2014)
  • "HIPAA/HIE Update," Georgia Hospital Association Compliance Officer Retreat (September 2014)
  • EMTALA Expert Legal Panelist – Provided oral testimony at hearing in Washington, D.C. and written testimony for U.S. Commission on Civil Rights "Patient Dumping" report to the U.S. Congress (March 2014; September 2014)
  • "Brave New World: HIPAA-HITECH Final Regulations are Here! Breaches Haunt the Headlines!," University Health Care System Compliance Meeting, Augusta, Georgia (June 2013)
  • "Omnibus 'Final' Rule is Here - Finally!!," GHA Compliance Officer's Retreat (March 2013)
  • "HIPAA Breaches - Avoiding the Headliners Settlement," HCCA (January 2013)
  • "HIPAA Lessons Learned in Privacy and Security," GHIMA Annual Meeting (August 2012)
  • "Health Care Update," Georgia Hospital Association Compliance Officer Retreat (2012)
  • "What's Hot & What's Not? Health Care Update," Georgia Hospital Association Compliance Officer Retreat (March 2011)
  • "OPPS Changes: Physician Supervision of Therapeutic Services," Georgia Hospital Association Compliance Officer Meeting (February 2011)

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept