Doriann’s experience includes advising clients on a variety of privacy and security laws, including the California Consumer Privacy Act (CCPA), the General Data Protection Regulation (GDPR), the Gramm-Leach-Bliley Act (GLBA), the Health Insurance Portability and Accountability Act (HIPAA), and state breach notification statutes. Specifically, Doriann’s experience includes:
- Drafting data use agreements, business associate agreements, and internal privacy and security policies and procedures
- Conducting privacy and security training
- Assisting with the implementation of privacy and security measures to protect drugs and devices
- Protecting individuals’ privacy rights in research and data searching
- Representing clients in breach investigations by the Office for Civil Rights (OCR) and state and federal governmental agencies
- Negotiating privacy and cybersecurity aspects of cloud computing and other sourcing arrangements
- Assessing privacy and security vulnerabilities in proposed transactions
Notably, Doriann is a Certified Information Privacy Professional (CIPP/US) in the laws of the United States for the private sector.
Additionally, Doriann counsels health and life sciences clients on a wide range of regulatory and compliance matters, including fraud and abuse laws, Medicare and Medicaid regulations, facility and licensure requirements, and telemedicine statutes.
Prior to joining the firm, Doriann practiced at an Indianapolis law firm and served as a law clerk at Rush University Medical Center’s Office of Legal Affairs during law school.