Tracy Weir represents clients in a broad range of matters, including Medicare reimbursement and compliance, antitrust, administrative appeals before the Office of Hearings and Appeals, HIPAA/HITECH and the 340B Drug Pricing Program.

Featured Videos

HHS Requests Comments on Proposed 340B Program Changes to Reduce Drug Prices June 13, 2018

Part III – So You Think GDPR Does Not Apply to American Companies? Think Again. March 14, 2018

Part II – So You Think GDPR Does Not Apply to American Companies? Think Again. February 21, 2018

Part I – So You Think GDPR Does Not Apply to American Companies? Think Again. January 17, 2018

Featured Experience

Represented Medicare suppliers in cases before the Office of Medicare Hearings & Appeals in administrative appeals of Medicare reimbursement denials.

Represented health care providers and health plans in connection with antitrust investigations by the Department of Justice and Federal Trade Commission. Substantial experience with joint ventures, clinical integration and third-party subpoenas.

Represented hospitals in connection with complex transactions involving compliance with Medicare regulations, including provider-based status, hospital-within-hospital and other payment and conditions of participation rules.

Professional Biography

Overview

Ms. Weir provides health care regulatory counseling to clients regarding issues pertaining to Medicare reimbursement and compliance, the 340B Drug Pricing Program, telehealth, and fraud and abuse. She also assists clients with payor audits, and routinely represents clients before the Office of Medicare Hearings and Appeals in administrative litigation involving denials of Medicare reimbursement.

Ms. Weir also counsels clients on data privacy and security matters that arise from federal and state laws, including HIPAA, HITECH and state data breach laws. She has substantial experience with HIPAA/HITECH compliance, including analyzing transactions and business relationships, preparing and negotiating business associate agreements, developing policies and procedures, and advising clients on data breaches and notification as well as handling Office of Civil Rights investigations. Additionally, she provides guidance to U.S. businesses regarding the EU's General Data Protection Regulation (GDPR).

Ms. Weir has substantial antitrust experience in the areas of joint ventures, clinical integration and accountable care organizations; mergers and acquisitions; government investigations in the merger and non-merger context; and Non-Profit Institutions Act "own-use" exemption analyses. She has advised clients on issues arising from the Sherman Act, Clayton Act, Hart-Scott-Rodino Antitrust Improvements Act, Robinson-Patman Act and Federal Trade Commission Act.

As part of her practice, Ms. Weir has represented hospitals, physician groups, dental practices, community mental health centers, rehabilitation agencies, medical device suppliers, pharmaceutical companies, pharmacies, laboratories, organ procurement organizations, health insurers, technology companies and data analytics companies.

Representative Matters

Represented Medicare suppliers in cases before the Office of Medicare Hearings & Appeals in administrative appeals of Medicare reimbursement denials.
Represented health care providers and health plans in connection with antitrust investigations by the Department of Justice and Federal Trade Commission. Substantial experience with joint ventures, clinical integration and third-party subpoenas.
Represented hospitals in connection with complex transactions involving compliance with Medicare regulations, including provider-based status, hospital-within-hospital and other payment and conditions of participation rules.
Represented covered entities and business associates with regard to compliance with HIPAA and HITECH standards, including negotiating service and business associate agreements, preparing policies and procedures, and analyzing complex transactions and business relationships.
Conducted audits and due diligence reviews for a broad array of clients with regard to compliance with Medicare standards, HIPAA, fraud and abuse, and 340B Drug Pricing Program compliance.
Represented clients before the Centers for Medicare & Medicaid Services in connection with regulatory and policy interpretation issues and billing revocation determinations; the Office for Civil Rights for HIPAA Privacy Rule investigations and data breach notifications; and the Health Resources and Services Administration, Office of Pharmacy Affairs, for 340B Drug Pricing Program compliance.
Served as privacy counsel to one of the largest providers of rehabilitation therapy in the country, including advice concerning the organization of a privacy and security compliance framework and assistance with HIPAA analyses on an on-going basis.

Professional Honors & Activities

Listed in Washington, D.C. Super Lawyers as a Rising Star in Health Care (2013)
Nightingale's Healthcare News, Outstanding Healthcare Antitrust Lawyer (2007)
Member – American Bar Association, Antitrust Section; Vice Chair, Health Care and Pharmaceuticals Committee (2007 – 2011)
Member – American Health Lawyers Association

Publications

"CMS Issues Draft Guidance on Shared Space Arrangements" (May 2019)
"Government Appeals 340B Payment Cuts Decision; Question of Relief Continues in District Court," Payment Matters (March 2019)
"Administrative and Congressional Activity Related to the 340B Drug Pricing Program Likely To Continue in 2019," ABA Health eSource (February 2019)
"Court Rules HHS 340B Payment Cuts Unlawful; HHS Seeks Stay in Proceedings," reprinted in Medical News (January 2019)
"HRSA to Enforce 340B Program Oversight of Drug Manufacturers Next Year and Share 340B Ceiling Prices with Covered Entities," Payment Matters (December 2018)
"CMS to Issue Guidance on Shared Space Arrangements," Payment Matters (December 2018)
"HRSA Guidance Updates Suggest Tightening of 340B Covered Entity Repayment Rules," Health Law Alert (October 2018)
"CMS Proposes More Payment Changes for 340B Hospitals in 2019," Payment Matters (August 2018)
"Beyond GDPR: EU's ePrivacy Regulation to Add New Layer of Data Obligations" (June 2018)
"It's Here… GDPR Goes into Effect May 25" (May 2018)
"CMS Issues Updated Medicare Payment and Billing Policies for 340B Hospitals ," Payment Matters (April 2018)
"Employers Get Ready: GDPR Implications in the Employment Law Arena" (March 2018)
"The New Option in Town: Applying for the Low Volume Appeals Settlement" (February 2018)
"Medicare 340B Drug Payment Policy Survives Legal Challenge; Hospitals Say, It's Not Over," Payment Matters (January 2018)
""Breaking Bad" News: Sharing PHI During Opioid Crisis," Health Law Alert (November 2017)
"CMS's Massive 340B Drug Pay Cut Policy Lands in Federal Court," Payment Matters (November 2017)
"OCR Examines Hybrid Entity Designation in Latest HIPAA Settlement" (November 2016)
Co-author – "Valuable Information Security Lessons from Olympus Mortgage vs. Guaranteed Rate," Law Journal Newsletters (July 2016)
"Are You Ready? New Round of HIPAA Audits Are Underway" (March 2016)
"Big Payment Changes Revealed In New Medicare Part B Drug Payment Test" (March 2016)
Co-author – "The Raising of a Privacy Shield," e-Commerce Law & Strategy Newsletter (March 2016)
"CMS Relaxes Proposals for Returning Overpayments, but Significant Questions Remain" (February 2016)
"U.S.-EU Safe Harbor Agreement Reached: Introducing the EU-U.S. Privacy Shield" (February 2016)
"Uncertainty Abounds After EU High Court Invalidates EU-U.S. Safe Harbor Framework" (October 2015)
"HRSA Issues Long-Awaited 340B Program Omnibus Guidance Proposal" (September 2, 2015)
"340B Program 'Regulations' in Flux: Questions Remain after PhRMA v. HHS," Dennis Barry's Reimbursement Advisor (2014)
"Telehealth: Great Promise, Uncertain Business Model," Law360 (2014)
Co-author – "The Tide Turns: TRICARE Network Provider Agreement Qualifies As A Federal Subcontract," Dennis Barry's Reimbursement Advisor (2014)
"Beyond the Request: The Pandora’s Box that is the HITECH Right to Restrict Disclosure," Dennis Barry's Reimbursement Advisor (2013)
"OFCCP Continues to Pursue Jurisdiction Over Health Care Providers: Questions Remain on Federal Subcontractor Status After OFCCP v. Florida Hospital," Dennis Barry's Reimbursement Advisor (2013)
Co-author – "CMS Policy on Off-Shore Claims Processing," Dennis Barry's Reimbursement Advisor (2013)
"A Shot in the Arm for Section 2 Enforcement," Law360 (2011)

Speaking Engagements

"Legal Procurement Guide to the GDPR," Buying Legal Council Legal Lessons Series Webinar (April 2019)
"EU GDPR Implications for U.S. Employers: Top Questions and Tips" (June 2018)
"Southern Gaming Summit - Cybersecurity in a World Full of Threats" (May 2017)
"Medicare Fraud & Abuse: Implications for Physicians," Emerging Issues in U.S. Health Care Policy Conference, Southern Medical Association for Physician Executive MBA Program, Auburn University, Raymond J. Harbert College of Business (March 2017)
"Data Privacy, Security and Liability for Breaches," Tennessee Hospitality & Tourism Law Symposium, Nashville, Tennessee (July 2016)
"Medicare Claims Appeals: From Audit to OMHA," AdvaMed Medical Device Reimbursement Workshop (2014)
"340B Program: Audits, Corrective Actions, and Other Developments," King & Spalding Houston Lunch & Learn Roundtable (2014)
"Breaches, Business Associates, and Beyond: What You Need to Know About the New HIPAA/HITECH Regulations," King & Spalding Roundtable Program (2013)
"Overcoming Regulatory Hurdles," Baker Donelson Accountable Care Symposium (2011)

Webinars

HHS Requests Comments on Proposed 340B Program Changes to Reduce Drug Prices (June 2018)
Part III – So You Think GDPR Does Not Apply to American Companies? Think Again. (March 2018)
Part II – So You Think GDPR Does Not Apply to American Companies? Think Again. (February 2018)
Part I – So You Think GDPR Does Not Apply to American Companies? Think Again. (January 2018)
Claims Appeals Developments and Proposals for Expansion (August 2016)

Press Releases

Baker Donelson Expands Health Law Group with Addition of Three Attorneys (July 6, 2015)

In the News

Law360 Highlights the Addition of Three D.C. Attorneys to Baker Donelson's Health Law Group (July 7, 2015)

Videos

HHS Requests Comments on Proposed 340B Program Changes to Reduce Drug Prices (June 13, 2018)
Part III – So You Think GDPR Does Not Apply to American Companies? Think Again. (March 14, 2018)
Part II – So You Think GDPR Does Not Apply to American Companies? Think Again. (February 21, 2018)
Part I – So You Think GDPR Does Not Apply to American Companies? Think Again. (January 17, 2018)

Awards

Practices

Industries

Education

Washington College of Law, American University, J.D., cum laude, 2002
- American University Law Review, Associate Managing Editor
- Legal Methods Dean's Fellow, 1999 – 2000
Rollins College, Paralegal Studies Program, Post Graduate Certificate, with honors, 1993
Purdue University, with honors, B.A., 1992