Ranked in 1 Practice Areas
1

Band 1

Healthcare

Wisconsin

1 Years Ranked

About

Provided by Jennifer J. Hennessy

USA

Practice Areas

Intellectual Property, Technology Transactions, Cybersecurity & Privacy

Career

Jennifer Hennessy is a data privacy and cybersecurity attorney, advising clients ranging from multinational corporations to startups on all aspects of compliance with international, federal, and state data privacy and security laws. She is a partner in the firm’s Technology Transactions, Cybersecurity, and Privacy Practice, a member of the Telemedicine & Digital Health Industry Team, the Health Care & Life Sciences Sector, and Innovative Technology Sector.

Jennifer assists covered entities and business associates in complying with Health Insurance Portability and Accountability Act (HIPAA) and advises organizations on compliance with federal law 42 C.F.R. Part 2 (Confidentiality of Substance Use Disorder Treatment Records), the EU’s General Data Protection Regulation (GDPR), and state data privacy laws, including the California Consumer Privacy Act (CCPA).

She works with a broad array of clients in the telemedicine and digital health industry, most notably high-growth emerging companies and entrepreneurial technology groups. Her work focuses on health care privacy and security in digital health and multistate footprints. She also advises cash and self-pay telemedicine companies on privacy and security considerations.

Jennifer frequently guides clients through data incident management and the entire breach notification process, from the early stages of the investigation to the notification of affected individuals and government regulators, as well as through any resulting enforcement actions or regulatory investigations. Her depth of experience in this area allows her to provide clients with practical and business-oriented solutions in the event of a data incident and in its aftermath.

Professional Memberships

Member, Certified Information Privacy Professional – United States (CIPP/US)

Member, Certified Information Privacy Professional – Europe (CIPP/E)

Member, International Association of Privacy Professionals (IAPP)

Member, American Telemedicine Association (ATA)

Experience

HIPAA: Developed a HIPAA compliance program for a digital health provider, including drafting privacy policies and conducting HIPAA training for employees, negotiated hundreds of business associate agreements on behalf of covered entities and business associates, and advised providers, health plans, and business associates on their regulatory obligations.

Substance Use Disorder Information: Advised a multistate substance abuse treatment facility on navigating compliance with HIPAA, 42 C.F.R. Part 2, and state medical record confidentiality laws.

General Data Protection Regulation (GDPR): Consulted with a U.S. health system on the applicability of GDPR, advised a clinical trial sponsor conducting trials in the EU on developing a GDPR compliance program, and negotiated a substantial number of data processing agreements as part of a client’s GDPR compliance initiative.

California Consumer Privacy Act (CCPA): Advised a large health system on CCPA’s applicability, and counseled a manufacturer and sports management company on CCPA compliance, including drafting privacy notices, revising contracts, and developing protocols for responding to consumer rights requests.

Data breaches: Guided a health care organization through breach notification as a result of use of online tracking technologies, assisted a physician practice with an investigation into a phishing incident, and advised a large health care system on the implications of an application security flaw resulting in unauthorized access to patient data.

Regulatory investigations: Counseled a digital health provider in responding to a federal government inquiry regarding the provider’s data sharing practices, and represented a manufacturer in responding to an investigation by the federal Office for Civil Rights (OCR) and other regulatory authorities subsequent to a data breach affecting employee health plan data.

Data de-identification: Advised a health system on de-identification of patient data and the licensing of such de-identified data in accordance with HIPAA and other applicable law, including negotiation of the licensing agreement.

Health information exchanges: Assisted a health information exchange on navigating compliance with HIPAA, 42 C.F.R. Part 2, and state medical record confidentiality laws, including advising on the necessity of an opt-in versus opt-out consent model.

Security policies: Drafted and revised security policies and procedures for clients including a digital health company, a health information exchange, and a sports management company.

Education

University of Iowa

Bachelors

University of Iowa, Henry B. Tippie College of Business

M.B.A.

University of Iowa College of Law

Juris Doctor

Chambers Review

Provided by Chambers

Chambers Guide to the USA

Healthcare - Wisconsin

1
Band 1
Individual Editorial

Jennifer Hennessy is known for her cybersecurity and data privacy work, which overlaps with her healthcare practice. She has particular experience handling compliance-related matters, including advising clients on the Health Insurance Portability and Accountability Act.

Strengths

Provided by Chambers

Discover other Lawyers at
Foley & Lardner LLP

Provided by Chambers
Filter by
Band

California

Bankruptcy/Restructuring

Shane Moses
U
Shane Moses
U
Up and Coming
Healthcare

Judith A Waltz
1
Judith A Waltz
1
Band 1
Adam Hepworth
4
Adam Hepworth
4
Band 4
Anil Shankar
5
Anil Shankar
5
Band 5
Claire Marblestone
5
Claire Marblestone
5
Band 5
Intellectual Property: Patent Prosecution

Thomas Anderton
3
Thomas Anderton
3
Band 3
Litigation: White-Collar Crime & Government Investigations

Pamela L Johnston
3
Pamela L Johnston
3
Band 3
Thomas F Carlucci
5
Thomas F Carlucci
5
Band 5
Outsourcing

James R Kalyvas
2
James R Kalyvas
2
Band 2
Venture Capital

Louis Lehot
3
Louis Lehot
3
Band 3

District of Columbia

Healthcare

Lori Garber
4
Lori Garber
4
Band 4
Healthcare: Pharmaceutical/Medical Products Regulatory

Nathan Beaver
5
Nathan Beaver
5
Band 5
Intellectual Property: Patent Prosecution

Eric Sophir
2
Eric Sophir
2
Band 2

Florida

Construction

David Harper
4
David Harper
4
Band 4
Healthcare

Nathaniel Lacktman
1
Nathaniel Lacktman
1
Band 1
Thomas Ferrante
3
Thomas Ferrante
3
Band 3
Jana Kolarik
4
Jana Kolarik
4
Band 4
Rachel Goodman
4
Rachel Goodman
4
Band 4
Andrea Cunha
U
Andrea Cunha
U
Up and Coming
Insurance: Transactional & Regulatory

3
Austin Neal
3
Band 3
20 of 139 results

Key Sectors

Provided by Foley & Lardner LLP

Health and Life Sciences

Technology, Media and Telecoms (TMT)