Skip to Main Content
Professional Photo

Layna Cook Rush, CIPP/US, CIPP/C


Layna Rush focuses her practice on representing clients in managed care, insurance-related regulatory and compliance, and privacy and security issues.

Professional Biography

Ms. Rush leads the Firm's Data Incident Response Team, which is a NetDiligence Authorized Breach Coach® firm. She assists clients in the investigation of and response to privacy and security incidents. She is a U.S. and Canadian Certified Information Privacy Professional and member of the Firm's Data Protection, Privacy and Cybersecurity Team. Ms. Rush also assists clients with managed care and insurance regulatory issues.

Privacy and Security

Ms. Rush counsels clients on the investigation of, and response to, privacy and security incidents and data breaches. She represents clients in investigations by the Office for Civil Rights, state attorneys general and insurance departments, and in litigation involving privacy challenges. She routinely advises clients on state and federal laws related to privacy and security of personal information, including HIPAA, Part 2 Substance Abuse laws, the Genetic Information Nondiscrimination Act, the Telephone Consumer Protection Act, the CAN-SPAM Act and state laws related to privacy protections and breach notification requirements. She has assisted clients in the development of policies and procedures for compliance with HIPAA and state and federal laws related to privacy and security. Her privacy and security experience includes:

  • Assisting clients with response to security incidents, including phishing scams and ransomware attacks.
  • Advising clients on notification requirements under state and federal breach notification laws.
  • Representing clients in investigations by the Office for Civil Rights, state attorneys general and other state agencies that enforce privacy and security regulations.
  • Assisting with review and development of privacy and security compliance manuals.
  • Drafting and advising on business associate obligations and contracts.
  • Reviewing and drafting website privacy policies.
  • Assisting clients with development and testing of incident response plans.

Managed Care

Ms. Rush represents clients in regulatory, compliance, and operational issues related to managed care. She drafts agreements between health care entities including provider agreements for participation in IPAs, ACOs, TPAs, PPOs and Medicare Advantage and Medicaid managed care plans. She routinely counsels clients on state and federal legislation that impacts managed care contracting. Her managed care experience includes:

  • Drafting and editing managed care contracts including IPA Participating Provider Agreements, ACO Participation Agreements, Medicaid Managed Care Participating Provider Agreements, PPO/Network Agreements, Commercial Health Plan Provider Agreements, Value Based/Risk Based Participation Agreements and Pharmacy Benefit Manager Agreements.
  • Assisting providers with resolution of disputes with payers including disputes related to payment obligations and contract terminations.
  • Preparing payment-related documents and agreements including assignment of rights, patient agreements to pay contracts and negotiated rate agreements.
  • Advising clients on federal and state laws related to out-of-network payments and balance billing, including the No Surprises Act
  • Counseling clients on state laws related to network adequacy, prompt pay provisions, "any willing provider" requirements, Medicaid managed care and Association Plans/Multiple Employer Welfare Associations (MEWAs).
  • Advising clients on federal laws and regulations related to Medicare Advantage plans, Medicaid managed care plans, Affordable Care Act provisions related to plan benefit design and premium payment and coordination of Benefit provisions/Medicare Secondary Payer regulations.
  • Assisting clients with the formation, registration and/or licensing of Health Maintenance Organizations, insurance companies, Third-Party Administrators, Utilization Review Agents, Preferred Provider Organizations/Networks, and Independent Physician Associations.

Insurance Regulatory

Ms. Rush routinely assists clients with insurance regulatory matters and is familiar with all lines of insurance including property and casualty, title, life, and health. Her work on insurance matters includes:

  • Advising insurance companies on acquisitions, redomestications, mergers, formations and expansions, reinsurance, insolvency and holding company matters.
  • Counseling clients on compliance and operational issues. 
  • Representing regulated clients before insurance departments around the country.
  • Assisting clients with response to cease and desist orders, civil investigation demands and related regulatory proceedings.
  • Assisting clients with preparation and filing of rate and form documents.
  • Advising clients on insurance premium tax matters and on the handling of unclaimed property laws and regulations. 
  • Assisting insurance agents and brokers with obtaining licensure in all 50 states, advising agents and brokers on regulatory matters, and representing them in administrative actions.
  • Counseling clients on compliance with insurance data security laws, drafting information security programs and assisting with cyber breach reporting obligations.
  • Counseling clients on issues related to captive formation and operations.
  • American Bar Association
    • Vice Chair – Health Lawyer Editorial Board (2018 – present)
  • American Health Law Association
  • Baton Rouge Bar Association
  • Executive Secretary – Louisiana Business Group on Health Board of Directors
  • Louisiana Hospital Association
  • Louisiana State Bar Association
  • Wex S. Malone Chapter of the American Inns of Court
  • Member – International Association of Privacy Professionals (CIPP/US, CIPP/C)
  • Fellow – American Bar Foundation
  • Listed in The Best Lawyers in America® for Health Care Law (2022 – 2024)
  • Listed in Who's Who Legal in Healthcare (2020)
  • Recognized as a "Top Forty Under 40" by the Baton Rouge Business Report (2013)
  • Board of Directors – Environment and Health Council of Louisiana (2010 – present; President, 2013 – 2019)
  • Board of Directors – March of Dimes Capital Area (2010 – 2016)
  • Board of Directors – Charles W. Lamar YMCA (2011 – 2017)
  • Board of Directors – Girls on the Run of Greater Baton Rouge (2012 – 2022)
  • Board of Directors – Louisiana Business Group on Health (2012 – present)
  • Co-presenter – "Privacy Dos and Don'ts and Social Media Risks," North Carolina Assisted Living Association (December 2022)
  • Panelist – "Cyber Extortion and Ransomware – Your Business is at Risk: Third Party Liability, Data Exfiltration and Information Disclosure Issues," ISACA North America Conference, New Orleans, Louisiana (May 2022)
  • Panelist – "Cyber: Business Interruption and Vendor Risk," WSIA 2022 Insurtech Conference, New Orleans, Louisiana (March 2022)
  • Panelist – "Regulatory Roulette: Leveraging and Navigating State Insurance Departments," ABA 2022 Insurance Coverage Litigation Seminar, Tucson, Arizona (March 2022)
  • Co-presenter – "Overview of Cyber and Automation Risks in the Oilfield," 20th Annual Energy Litigation Conference (November 2021)
  • Co-presenter – "Enterprise Risk in Cyber Extortion and Ransomware," RIMS Canada 2021 Virtual Conference (October 2021)
  • "A Ransomware Tale," Mississippi Society of CPAs' Health Care Services Conference (September 2021)
  • Co-presenter – "Cyber Security and Privacy Practices to Protect Patient Data and Mitigate Litigation and Regulatory Risk," ACI Managed Care Disputes and Litigation (June 9, 2021)
  • "Local Perspective: How Louisiana is Addressing Cyber Attacks and What Businesses Can Do to Protect Themselves" (November 2019)
  • Panelist – "Cybersecurity – Risks, Trends, Resources, and Legal Requirements," WEN 2019 National Conference, Denver, Colorado (March 2019)
  • "Professionalism," 2018 Louisiana Association of Health Plans' Annual Meeting CLE, "Issues in Health Law" (December 2018)
  • "Negotiating Effective Payer-Provider Contracts," ABA Physicians Legal Issues Conference, Chicago, Illinois (June 2018)
  • "HIPAA Compliance in the Current Healthcare Landscape," American Portable Diagnostic Association's Mid-Year Meeting, Louisville, Kentucky (May 2018)
  • "Cybersecurity for the C-Suite and Management," 31st Annual MSU Insurance Day, Starkville, Mississippi (April 2018)
  • "Surprise! You've Been Billed: Emerging Trends in Balance Billing Disputes," ABA Emerging Issues in Healthcare Law (February 2018)
  • "Ethics and E-Discovery," 2017 Louisiana Association of Health Plans' Annual Meeting CLE—Issues in Health Law (December 2017)
  • "Section 1557: Unfunded Federal Mandate or Landmark Civil Rights Healthcare Law? Understanding Healthcare Provider Responsibilities Under the ACA's Anti-Discrimination Rule," HBA Health Law Section CLE (January 2017)
  • Co-presenter – "Section 1557 – Are You Ready?," webinar, LeadingAge Texas (August 2016)
  • "Cyber Security: What Should be on Your Radar," Southern Gaming Summit/BingoWorld 2016 conference (May 2016)
  • "Legislation Affecting Our Industry," Louisiana Association of Health Plans Health Care at the Capitol conference (March 2014)
  • "Health Insurance Exchange Challenges and Solutions, Part II: Enrollment Assistance and Privacy and Security," American Health Law Association webinar (August 2013)
  • "The Health Care Reform Act: A Look at Key Health Coverage Provisions," VenueConnect (July 2013)
  • "The Impact of Health Reform's State Exchanges," Spring Managed Care Forum (May 2013)
  • "Making the Grade: Compliance in the Exchange Market," National Association of Specialty Health Organizations Webinar (November 2012)
  • "Explaining Health Care Reform: Exchanges And The Impact On Employers," Louisiana Business Group on Health's Webinar Series (October 2012)
  • "Explaining Health Care Reform: Wrap Up for 2011 and What to Expect in 2012," Louisiana Business Group on Health's Webinar Series (December 2011)
  • "The Impact of Healthcare Reform Law," New Orleans Regional Leadership Institute (February 2011)


  • Louisiana State University Paul M. Hebert Law Center, J.D., 1999
    • Law Review
  • Louisiana State University, B.S., 1996, magna cum laude
    • Phi Kappa Phi


  • Louisiana, 1999
  • United States District Court for the Eastern District of Louisiana
  • United States District Court for the Middle District of Louisiana
  • United States District Court for the Western District of Louisiana
  • United States Court of Appeals for the Fifth Circuit 

Email Disclaimer

NOTICE: The mailing of this email is not intended to create, and receipt of it does not constitute an attorney-client relationship. Anything that you send to anyone at our Firm will not be confidential or privileged unless we have agreed to represent you. If you send this email, you confirm that you have read and understand this notice.
Cancel Accept