GREGORY C. EWING, JD, MPH, CISSP
**** **** ****, *********, ** 78552
956-***-**** ( j6ptmy@r.postjobfree.com
EDUCATION:
|BRANDEIS UNIVERSITY, HELLER SCHOOL, Waltham, |BOSTON UNIVERSITY SCHOOL OF LAW, Boston,|
|MA |MA |
|Ph.D. Candidate, Health Policy (September |Juris Doctor (May 1995) |
|1996 to 2000) | |
|HARVARD SCHOOL OF PUBLIC HEALTH, Boston, MA |OBERLIN COLLEGE, Oberlin, OH |
|Master of Public Health, Law and Public |Bachelor of Arts, Music |
|Health Concentration (June 1996) | |
EXPERIENCE:
Employment Experience
THE ASBAHI LAW GROUP, Chicago, IL
Of Counsel (June 2010 to present)
. Provide health care advice and corporate compliance services to small
and institutional clients
. Provide HIPAA Privacy, Security, social media advice and analysis for
clients
. Provide physician recruitment and physician contracting services to
firm's clients
. Develop and market wrap-around HIPAA and healthcare compliance program
for solo physicians and small medical groups, which includes serving
as HIPAA Privacy, Security, and Corporate Compliance Officer
. Provide general legal advice to firm's clients, including advice on
mergers, acquisitions, entity formation, and investor negotiations
. Develop and negotiate product, service, and end user licensing
agreements
. Review, analyze and negotiate intellectual property licensing issues
for software products, start-up health care and investment analysis
and advice companies
. Draft joint venture and LLC operating agreements
. Draft warrant and subscription agreements
. Filed trademark applications on behalf of clients
. Develop and contribute to health care blog
. Conduct regulatory analysis and provide strategic advice to the firm's
clients on various topics, including CPNI, FDA labeling and
advertising requirements, Stark physician referral law, fraud and
abuse, the Anti-kickback statute, and 501(c)(2) title-holding
corporations
. Represented buyer in sale of Medicaid HMO will annual revenue of $355
million
BRANDON TECHNOLOGY CONSULTING, INC, Alexandria, VA
HIPAA Security Program Manager (November 2010 to February 2012)
. Served as HIPAA Security Program Manager and Subject Matter Expert for
the Air Force's Medical Operations Agency and 75 medical facility
treatments
. Reviewed and revised Air Force HIPAA Security policy and procedures
and training as necessary
. Developed HIPAA Security Officer orientation guidance for medical
treatment facilities
. Drafted analysis and guidance for proposed and existing health IT
projects to ensure compliance with the HIPAA Security, FDA, Privacy
Act, Department of Defense and Air Force rules and regulations
. Developed DoD 8500.2, NIST 800-53 rev. 3 Appendix F, HIPAA Security
crosswalk
. Assisted in the development of social media policy
AMERICAN RIVER STRATEGIC ADVISORS, LLC, Elk Grove, CA
Director (February 2009 to November 2010)
. Selected Clients:
o Wal-Mart Stores, Inc.(pharmacy and optical departments)
o TriCare Management Activity
o URAC
o Tara Cares, LLC
o TEKSystems, Inc.
o Pharmacists Planning Service, Inc.
. Activities:
o Drafted comments on the proposed HIPAA rule changes on behalf of
the Clinical Groupware Collaborative
o Provided strategic advice and plan of action on pending and
newly passed federal and state health-related legislation,
including the Patient Protection and Affordable Care Act
(PPACA), Public Law 111-148, and the provisions of the House
Reconciliation Bill
o Reviewed and analyzed EHR/EMR meaningful use legislation
o Directed HIPAA Privacy, Security, HITECH Act and ISO 27001/2
assessment, gap analysis, remediation and compliance efforts
o Served as HIPAA Security subject matter expert; provided legal
advice regarding strategic choices for developing information
systems processes and policies and procedures that are compliant
with the HIPAA Security Rule and best practices
o Reviewed, analyzed and revised training materials on the Privacy
Act of 1974 and the eGovernment Act of 2002
o Developed HIPAA and HITECH training tools
o Conducted site visits for HIPAA assessments, remediation and
training
o Provided legal advice and guidance on organization's policy and
procedure and training tools development and roll-out
o Developed data breach management plan and policy
o Drafted Red Flags Rule guidance memorandum
SMILE INITIATIVE OF MASSACHUSETTS, LLC, Brockton, MA
General Counsel (January 2009 to July 2011) (contract, part-time)
. Provided and/or coordinated all operational, contractual, and
transactional legal services for on-site, off-site, and community
dentistry services
. Provided oversight of risk, corporate compliance and the provider
accountability
. Participated in corporate strategy meetings to better understand and
promote company's legal and business needs
. Negotiated, drafted, and reviewed contracts
. Provided proactive legal assistance in developing tools and guidelines
to address legal issues and risks
. Researched and provided legal analysis of existing, new, and proposed
legislation and regulations impacting the healthcare industry
. Prepared, commented on, and implemented template documents, policies,
procedures, and guidelines implementing best practices
. Negotiated and drafted agreements, memorandums of understanding, and
letters of intent between the organization and local non-profit and
governmental entities
. Negotiated real-estate lease and licensing agreements
. Represented organization in communications with federal and state
agencies
. Drafted comments to state agency in response to proposed rules for off-
site dentistry
. Provided strategic advice and guidance on credentialing and licensing
matters
. Advised organization on operational legal issues, including Stark,
Anti-Kickback Statute, anti-trust, governance, HIPAA and HITECH Act
Privacy and Security, advertising, marketing and local zoning
regulation
. Developed documents to facilitate sale of company, non-compete
agreements and intellectual property and trademark provisions
SUTTER HEALTH, Sacramento, CA
Affiliate Support Counsel (March 2006 to February 2009)(supported 6
hospitals, PACE organization, medical foundation, and pathology laboratory)
. Reviewed, revised and drafted system-wide HIPAA Security policies and
procedures
. Provided legal advice on various privacy issues and regulations,
including HIPAA Privacy Rule, Information Privacy Act, Confidential
Medical Information Act, Patient Access to Health Records Act, and
Lanterman, Petris, and Short Act
. Reviewed, negotiated and drafted licensing agreements with software
companies and other vendors
. Provided legal services to health care providers which included
hospitals, medical foundations, and other health care provider groups,
along with various joint ventures generating $12 billion in annual
revenue
. Ensured Stark, Anti-Kickback and tax exempt status compliance for all
physician recruitment arrangements for the six hospitals located in
Sutter Health's Sacramento-Sierra region
o Advised hospital directors of physician recruitment on various
physician recruitment arrangements and options
o Reviewed and analyzed all physician recruitment funding requests
o Reviewed and revised all physician recruitment board of trustees'
materials
o Assisted in the development of system-wide physician recruitment
policy and procedures, templates and training materials
o Negotiated and drafted all physician recruitment agreements,
promissory notes and security agreements, amendments
o Negotiated and drafted all physician recruitment default
settlements and agreements
. Negotiated and drafted call coverage agreements, medical director
agreements, multi-year professional services agreements, general
surgery, psychiatrist, and general internist hospitalist agreements,
asset purchase agreements, and quality incentive plan agreements
. Provided training on Stark compliant behavior for incidental benefits
and non-monetary compensation
. Developed company vendor policy based PhRMA Code. AMA, and OIG
guidance.
. Participated in electronic health record development efforts
. Analyzed, advised, negotiated and drafted documents for business
transactions
. Advised internal clients regarding operational legal issues, including
Medicare and Medicaid reimbursement, Stark, Anti-Kickback Statute,
anti-trust, governance, EMTALA, HIPAA Privacy, advertising, marketing
and local zoning regulations
. Drafted/reviewed/edited various Sutter sponsored publications for
legal/policy impact
THOMPSON COBB BAZILIO & ASSOCIATES, P.C., Washington, DC
Senior Manager (August 2003 to March 2006)
. Project Manager - Led HIPAA Privacy compliance, implementation and
maintenance efforts
o Managed the privacy office for the District of Columbia's $1.2
billion Medicaid program through vendor contract
o Developed agency HIPAA Privacy policies and procedures
o Assisted in development of compliance training materials
o Served as Subject Matter Expert and interim Privacy Officer
o Developed HIPAA Privacy Rule Compliance Assessment Tool
. Served as Subject Matter Expert/Policy Analyst for District of
Columbia's HIPAA Security Rule Compliance program
o Assisted in the development of assessment documents to determine
compliance with regulatory requirements and best practices for
information security and the provision of related services for
nine District of Columbia agencies
o Assisted in the development of readiness assessment, business
impact analysis, risk analysis, security compliance checklist
reports; made recommendations to ensure compliance
o Reviewed, revised and drafted District-wide Security policies
and procedures
. Served as subject matter expert/senior policy analyst on fiscal
intermediary and carrier compliance assessment
o Drafted compliance and risk assessment tools; lead gap analysis
and evaluation; directed recommendations development
DASHIELL & ASSOCIATES, P.C., Boston, MA
Of Counsel (November 2001 to March 2006)
. Provided corporate, business, health law and litigation services to
national and international for-profit and not-for-profit organizations
. Participated in residential and commercial real estate transactions
and community development projects
CENTER FOR COMMUNITY HEALTH EDUCATION, RESEARCH AND SERVICE, Boston, MA
Project Manager (November 2000 to August 2003)
. Managed fifteen member team to implement a Health Resources & Services
Administration funded program designed to promote greater prescription
drug adherence, reduced pharmaceutical expense through the use of
disease state and case management provide by a team of clinical
pharmacists, and increased utilization of 340B Drug Pricing Program
. Developed IRB and patient consent processes
. Researched and analyzed Medicare/Medicaid reimbursement issues as well
as HIPAA and other federal and state statutes and regulations
. Drafted letters of understanding, contracts and memoranda; attended
and presented at various conferences
. Assisted in developing policy recommendations for Massachusetts League
of Community Health Center pharmacy task force
. Assisted in strategic planning and policy development for
Massachusetts Department of Medical Assistance and Massachusetts
Division of Health Care Policy and Financing
. Wrote proposals in response to RFPs
BROWN RUDNICK FREED & GESMER, Boston, MA
Associate, Corporate Department, Health Care Practice Group, Senior Care
Group, (1998 to 2000)
. Participated in federal criminal and civil defense of national health
care provider involving Medicare/Medicaid fraud and abuse, Stark,
illegal kickback, and false claims
. Participated in securitization of attorneys' fees generated from
national tobacco litigation settlements
. Reviewed, analyzed, and drafted physician, HMO, IPA, PHO, hospital and
health provider contracts and agreements
. Reviewed, analyzed, and drafted licensing, confidentiality, and non-
compete agreements on behalf of IT service and vehicle history report
companies
. Researched and drafted memoranda on legal topics including, but not
limited to, antitrust, intermediate sanctions, credentialing, risk
contracting, regulatory compliance, Medicare/Medicaid reimbursement
issues and HIPAA analysis
ASSOCIATIONS:
. Member, Sacramento Metro Chamber of Commerce, Health Policy Committee
(2009 to 2010)
. President, Past-Vice President, Board of Directors, Pharmacy
Foundation of California (2008 to present)
. Member, Board of Directors, Target Excellence (2006 to present)
. Member, Board of Trustees, George Washington University Hospital,
Washington, DC (2005 to 2006)
. Past - Co-Chair, Board of Trustees, Dimock Community Health Center;
also member - Strategic Planning Committee, and member - Mental Health
Human Rights Committee (1998 to 2003)
PROFESSIONAL MEMBERSHIPS:
. Certified Information Systems Security Professional ("CISSP"),
International Information Systems Security Certification Consortium
("(ISC)2")
. Member, Health Care Compliance Association
. Member, American Health Lawyers Association:
o Vice-Chair, Academic Medical Center Practice Group
o Co-Leader, Privacy and Security Compliance and Enforcement Affinity
Group, Health Information Technology Practice Group
o Past Vice-Chair, Strategic Activities, Healthcare Liability and
Litigation Practice Group;
. Past-Member, Health Information and Management Systems Society
. Past-Member, California Society of Healthcare Attorneys
. Member, Massachusetts Bar Association
SELECTED PUBLICATIONS AND PRESENTATIONS:
. Co-editor, Federal Breach Notification Resource Guide, American Health
Lawyers Association, 2011
. "HHS Steps Up Its Enforcement Activity, Requests More Dollars," USAF
HIPAA Team Quarterly Newsletter, June 2011
. "The Evolution and Revolution of Health IT," edithforge.com, January 2011
. "Court Awards $400,000 to Patient for Physician's Refusal to Provide Sign
Language Interpreter," Healthcare Liability & Litigation Newsletter,
American Health Lawyers Association, May 2009
. "Wireless Communication and Remote Access: Developing protections for
Today's Security Threats," Health Information Technology News, American
Health Lawyers Association, May 2007
. Columnist, Healthcare Review (monthly column entitled "Health Law") 1999-
2000
. Selected Presentations:
o "Electronic Health Records: What they are, current guidance, and
perceived barriers," (subcontract, TMA presentation) March 2010
o "PHI/EPHI HITECH Act Breach Notification and Protecting EPHI on
Mobile Computing Devices," Buffalo, NY, September 19, 2009
o "Stark Phase III, Incidental Benefits and Non-Monetary
Compensation," August 2008, Sutter Health, Davis, CA