As a member of the Firm's Health Law group and Data Protection, Privacy, and Cybersecurity Team, Andrew advises clients regarding complex data use and sharing arrangements, digital health strategies, technology agreements, and information privacy and security compliance considerations.
Andrew routinely counsels clients with respect to their privacy, cybersecurity, and information practices, including the compliance obligations imposed by the Health Insurance Portability and Accountability Act (HIPAA), 42 CFR Part 2, the ONC and CMS interoperability and information blocking regulations, state privacy and security laws, and global data protection laws such as the General Data Protection Regulation (GDPR). As co-leader of the Firm's GDPR Team, Andrew assists U.S.-based and global organizations with data processing agreements, issues involving international data transfers, and navigating conflicts between foreign privacy laws and U.S. compliance obligations with respect to data use and processing.
Andrew also helps clients with technology agreements and with identifying and addressing data protection and privacy risks through diligence counseling and negotiations in mergers and acquisitions.
During law school, Andrew served as a judicial extern for the Honorable Bernice B. Donald on the United States Court of Appeals for the Sixth Circuit.