Medicare Advantage |

OCR’s 8th Investigation Announcement Clearly Warns HHS-Funded Organizations To Ensure Merit-Based Decisions & Manage Antisemitism & Other Prohibited Discrimination Risks

May 14, 2025

Academic medicine and other education, health care, Medicare or Medicaid Advantage insurers, and other organizations received another warning to update and strengthen the defensibility of their policies and practices system-wide for preventing anti-Semitism, and other race, color, national origin, race, religious or other discrimination from the Department of Health & Human Service’s May 13, 2025, announcement of another investigation of another university for anti-Semitism in violation of the Civil Rights Act of 1964 (“CRA”) and other federal civil rights laws.

The Civil Rights Act of 1964 (the “CRA”), the Equal Protection Clause of the 14^th Amendment to the United States Constitution, Section 1557 of the Patient Protection and Affordable Care Act (“Section 1557”) and various other federal laws discrimination on the basis of race, national origin, color and certain other status by covered government or private organizations by health care, Medicare and Medicaid Advantage, academic medicine and other education, child care, research and other HHS-funded organizations, employers and other entities.

Since President Donald J. Trump (“President Trump”) took office in January, HHS OCR, the Departments of Education and Justice, the Equal Employment Opportunity Commission (“EEOC”) and other federal agencies are aggressively investigating anti-Semitism, anti-Christianity, and certain other race, color, national origin and religious discrimination by academic medicine and other educational institutions, health care organizations, health insurers, employers and other organizations covered by these civil rights laws. These investigations and enforcement actions target prohibited discrimination in all forms, including the use of race, national original, color, sex, religion and other non-merit based criteria, even when those criteria are applied to promote racial balancing, diversity or other similar goals.

Trump Merit-Based Civil Rights Executive Orders Heighten Public & Private Civil Rights & Other Discrimination Risks

This heightened investigation and enforcement emphasis is a direct response to the directives of President Trump in a series of Executive Orders directing federal agencies zealously to combat anti-Semitism, anti-Christian, and other discrimination or bias based on race, color, national origin and religion. See e.g., Executive Order 14188 – Additional Measures To Combat Anti-Semitism (January 29, 2025); Executive Order 14202, Eradicating Anti-Christian Bias (February 6, 2025); Executive Order 14291, Establishment of the Religious Liberty Commission (“May 11, 2025); and Executive Order 14291, Establishment of the Religious Liberty Commission (May 1, 2025).

As part of these directives, President Trump specifically singled out anti-Semitism for special attention and concern, In Executive Order 14188, for instance, President Trump directed HHS, the Justice Department and other agencies to vigorously enforce the Civil Rights Act to combat the rise of anti-Semitism and anti-Semitic incidents in the U.S. and around the world. While Executive Order 14188 specifically targeted the use of the Civil Rights Act and other federal prohibitions against race, color and national origin discrimination to fight anti-Semitism, Executive Order 14188 also noted that anti-Semitism also can violate federal protections against religious discrimination, stating:

…[Title VII] prohibits discrimination on the basis of race, color, and national origin in programs and activities receiving Federal financial assistance. While Title VI does not cover discrimination based on religion, individuals who face discrimination on the basis of race, color, or national origin do not lose protection under Title VI for also being a member of a group that shares common religious practices. Discrimination against Jews may give rise to a Title VI violation when the discrimination is based on an individual’s race, color, or national origin.

The Trump Administration’s emphasis on protecting federal right of conscience and other religious freedom protections is made more perilous by his sharp disagreement, revocation, and characterization as patently illegal various key aspects of the interpretation and enforcement policies of the Biden, Obama and other previous administration regarding federal right of conscience and other religious freedom, sexual orientation, reproductive rights and other civil rights policies and protections. See e.g., Executive Order 14281 -Restoring Equality of Opportunity and Meritocracy (April 23, 2025). These directives and widespread coverage and publicity of the actions by HHS and other federal agencies to implement and enforce the Administration’s Merit Based interpretation and enforcement of civil rights laws are fueling a a slew of new federal investigations and enforcement, as well as encouraging and shaping private discrimination claims by both parties advantaged or disadvantaged by the Administration’s interpretations.

As reflected by OCR’s May 13, 2025 announcement of its investigation of complaints against a “prestigious” midwestern university (“University”), OCR and other federal agencies are responding by zealously investigating complaints of anti-Semitism or other race, color, national origin and religious discrimination by academic and other health care, education, health insurance and other organizations receiving federal funding under programs managed by HHS.

Announced OCR Investigations Since February Show HHS Enforcement Risks

According to OCR, the investigation announced on May 13, 2025, and other investigations “[are] part of a broader effort by the Administration’s multi-agency Joint Task Force to Combat Anti-Semitism. OCR opened the investigation against the University in response to a complaint from a multi-stakeholder advocacy organization that alleges “systemic concerns regarding the University’s actions to maintain a campus climate, academic direction, and institutional policy that ensures nondiscrimination on the basis of race, color, and national origin.” OCR says its investigation will examine whether the University complied with its obligations under Title VI not to discriminate against Jewish students, such that it denied them an educational opportunity or benefit.

Before OCR issued is May 13, 2025, announcement, OCR and other federal agencies previously had announced Civil Rights Act and other investigations of illegal anti-Semitism at four academic medical centers based on their response to protests and other anti-Semitic activity during graduation and other activities. In addition, OCR also had announced similarly high-profile investigation or enforcement actions against Harvard University and Harvard Law Review, a HHS-funded health services research scholarship program; eight medical schools and hospitals; a HHS-funded health research program; a California-based medical school; the State of Maine and others for impermissibly applying race, color, national origin, sex, religious or other prohibited criteria in operating their programs.

The message from these and other HHS investigations and enforcements is clear. “Institutions of higher education receiving HHS Federal financial assistance are responsible for complying with Title VI’s nondiscrimination mandates,” said Anthony Archeval, Acting Director of the Office for Civil Rights at HHS. “OCR is committed to ensuring students’ education, safety, and well-being are not disrupted due to discrimination at institutions funded by taxpayer dollars.”

Dear Colleague Letter Advises Academic Medicine & Other HHS-Funded Organizations On Implementing Merit Based Decisionmaking

While warning academic medical and other health care and other HHS-funded organizations against the application of non-merit based criteria and other prohibited race, national origin, color, sex and religious discrimination, OCR also has sought to encourage covered entities to adapt their policies and practices to comply with President Trump’s merit based interpretation of the Civil Rights Act and other federal civil rights law prohibitions against race, color, national origin, sex and religious discrimination through a May 6, 2025, “Dear Colleague” Letter. In the dear Colleague Letter, OCR ‘clarifies’ its updated policies interpreting and enforcing what constitutes race-based discrimination under Title VI, Section 1557, and the Equal Protection Clause of the United States Constitution as applied to student admissions, academic and campus life, and the operation of university hospitals and clinics.

The Dear Colleague Letter reiterates that Title VI and Section 1557 prohibit academic medical and other covered organizations from relying on race-based criteria, racial stereotypes, and facially neutral criteria that operate as a pretext for race. Instead, citing to the Supreme Court’s decision in Students for Fair Admissions v. Harvard, 600 U.S. 181 (2023) and President Trump’s Executive Order 14173, Ending Illegal Discrimination and Restoring Merit-Based Opportunity, the Dear Colleague Letter warns HHS funded academic medicine and other organizations that these federal rules require health care providers, and those in the health professions pipeline make their selections and decisions “based on merit and clinical skills, not race” or other non-merit based criteria even when the purpose of the use of the criteria is to promote diversity or racial-balancing.

The Dear Colleague Letter discloses that in applying its merit-based interpretation of Title VI and Section 1557, OCR will prioritize enforcement against HHS funded organizations that:

Use race as part of their application or employment processes;

Require diversity, equity, and inclusion statements in connection with hiring or promotion; or
Lack clear policies demonstrating compliance with Students for Fair Admissions v. Harvard.

Accordingly, the Dear Colleague Letter advises medical schools and other HHS-funded organizations to:

Ensure their policies and procedures comply with existing federal civil rights laws;
Discontinue criteria, tools, or processes that serve as substitutes for race or are intended to advance race-based decision-making; and
End reliance on third-party contractors, clearinghouses, or data aggregators that engage in prohibited uses of race.

Act Now To Mitigate Risks From Past, Current & Future Non-Merit Based Decisions & Other Prohibited Discrimination

The new emphasis of HHS and other agencies on investigation and enforcement of federal protections for race, national origin, and other civil rights laws alone should prompt all health care and other HHS-regulated authorities prospectively to reevaluate and update their own practices to strengthen their defensibility under new standards.

As the Trump Administration civil rights directives and interpretations apply to all federal agencies, all organizations should consider and redress their exposure to civil rights or other discrimination under EEOC and other workforce, Department of Justice, and other applicable agency rules when assessing the adequacy of their existing policies and practices.

Organizations also should anticipate the likely need to defend past actions taking into account given the practice of HHS and other agency to apply the merit-based civil rights law interpretations of the Trump Administration even to events and actions that occurred while organizations were subject to the diversity, equity and inclusion friendly interpretations of federal civil rights laws during the Biden Administration. Since the investigation and enforcement actions announced by HHS and other agencies so far retroactively apply the newly announced Trump-era interpretations and standards to investigations of events and actions that occurred during the Biden Administration, prospective changes to enhance the defensibility of current and future actions alone may not be enough. Rather, health care and other organizations need to prepare for the possibility that HHS or other agencies may require their organization to defend Biden-era events under the new Trump Administration interpretations and enforcement policies. In the face of these developments, all health care organizations receiving funding from HHS should review their current and past policies and actions implicating federally civil rights laws to assess and manage their potential past exposures and mitigate future risks.

Because the process of reviewing and revising their policies and practices inevitably will require medicine and other HHS-funded institutions to identify and engage in legally and politically sensitive discussions of past and current policies, events, and actions affecting the competing interests of individuals or organizations whose opportunities are either helped or hurt by the Trump Administration’s transition to a merit-based interpretation of civil rights laws as well as potential whistleblower and retaliation exposures, academic medicine and other HHS-funded organizations generally should work with within the scope of attorney-client privilege with legal counsel experienced with these and other civil rights laws and dealing with OCR and other agencies in relation to investigations and enforcement actions under these rules.

The author of this update, Cynthia Marcotte Stamer has decades of experience advising, representing, and defending health care providers, Medicare and Medicaid Advantage and other public and private health plans and plan sponsors, public and private employers, government contractors and grant recipients, educational organizations, child care facilities, employers, technology, data, third party administrators, and other managed care and other health care, defense, technology, life sciences and other clients about Civil Rights Laws and other religious, civil rights and other discrimination, HIPAA and other privacy and data security, False Claims Act and other billing and reimbursement, quality, technology, licensing and accreditation, whistleblower and other workforce, enforcement, governmental affairs, dispute resolution, and other compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.

For More Information

We hope this update is helpful. For more information about the or other health or other employee benefits, human resources, or health care developments, please contact the author Cynthia Marcotte Stamer via e-mail or via telephone at (214) 452-8297.

Solutions Law Press, Inc. invites you receive future updates by registering on our Solutions Law Press, Inc. Website and participating and contributing to the discussions in our Solutions Law Press, Inc. LinkedIn SLP Health Care Risk Management & Operations Group, HR & Benefits Update Compliance Group, and/or Coalition for Responsible Health Care Policy.

About the Author

Recognized by her peers as a Martindale-Hubble “AV-Preeminent” (Top 1%) and “Top Rated Lawyer” with special recognition LexisNexis® Martindale-Hubbell® as “LEGAL LEADER™ Texas Top Rated Lawyer” in Health Care Law and Labor and Employment Law; as among the “Best Lawyers In Dallas” for her work in the fields of “Labor & Employment,” “Tax: ERISA & Employee Benefits,” “Health Care” and “Business and Commercial Law” by D Magazine, Cynthia Marcotte Stamer is a practicing attorney board certified in labor and employment law by the Texas Board of Legal Specialization and management consultant, author, public policy advocate and lecturer widely known for her more than 35 years of health industry and other management work, public policy leadership and advocacy, coaching, teachings, and publications including leading edge work on workforce and other risk management and compliance.

In addition, Ms. Stamer serves as a Scribe for the American Bar Association (“ABA”) Joint Committee on Employee Benefits annual agency meetings with OCR and shares her thought leadership as International Section Life Sciences Committee Vice Chair, and a former Council Representative, Past Chair of the ABA Managed Care & Insurance Interest Group, former Vice President and Executive Director of the North Texas Health Care Compliance Professionals Association, past Board President of Richardson Development Center (now Warren Center) for Children Early Childhood Intervention Agency, past North Texas United Way Long Range Planning Committee Member, and past Board Member and Compliance Chair of the National Kidney Foundation of North Texas, and a Fellow in the American College of Employee Benefit Counsel, the American Bar Foundation and the Texas Bar Foundation, Ms. Stamer also shares her extensive publications and thought leadership as well as leadership involvement in a broad range of other professional and civic organizations.

Author of many highly regarded compliance, training and other resources on cybercrime and other data privacy and security, health and other employee benefits, health care, insurance, workforce and other risk management and compliance, Ms. Stamer is widely recognized for her thought leadership and advocacy in these matters.

For more information about Ms. Stamer or her health industry and other experience and involvements, see www.cynthiastamer.com or contact Ms. Stamer via telephone at (214) 452-8297 or via e-mail here.

About Solutions Law Press, Inc.™

Solutions Law Press, Inc.™ provides health care, human resources and employee benefit and other business risk management, legal compliance, management effectiveness and other coaching, tools and other resources, training and education on health care, leadership, governance, human resources, employee benefits, data security and privacy, insurance, and other key compliance, risk management, internal controls and operational concerns. If you find this of interest, you also be interested reviewing some of our other Solutions Law Press, Inc.™ resources including the following recent publications about related emerging developments:

If you or someone else you know would like to receive future updates about developments on these and other concerns, please be sure that we have your current contact information including your preferred e-mail by creating your profile here.

NOTICE: These statements and materials are for general information and purposes only. They do not establish an attorney-client relationship, are not legal advice or an offer or commitment to provide legal advice, and do not serve as a substitute for legal advice. Readers are urged to engage competent legal counsel for consultation and representation considering the specific facts and circumstances presented in their unique circumstances at the particular time. No comment or statement in this publication is to be construed as legal advice or admission. The author reserves the right to qualify or retract any of these statements at any time. Likewise, the content is not tailored to any particular situation and does not necessarily address all relevant issues. Because the law constantly and often evolves, subsequent developments that could impact the currency and completeness of this discussion are likely. The author and Solutions Law Press, Inc. disclaim and have no responsibility to provide any update or otherwise notify anyone of any fact or law-specific nuance, change, limitation, or other condition that might affect the suitability of reliance upon these materials or information otherwise conveyed in connection with this program. Readers may not rely upon, are solely responsible for, and assume the risk and all liabilities resulting from their use of this publication.

Circular 230 Compliance. The following disclaimer is included to ensure that we comply with U.S. Treasury Department Regulations. Any statements contained herein are not intended or written by the writer to be used, and nothing contained herein can be used by you or any other person, for the purpose of (1) avoiding penalties that may be imposed under federal tax law, or (2) promoting, marketing or recommending to another party any tax-related transaction or matter addressed herein.

Leave a Comment » | Academic medicine, Child Care, Childcare, Civil Rights, Conditions of Participation, Cultural diversity, dei, Direct Primary Care, Disability Discrimination, Discrimination, early childhood education, Education, Employee Benefits, Employer, Employment, Federal Health Center, Government contractor, Grant recipients, Grants, Health Care, Health Care, Health Care Finance, Health Care Provider, Health Insurance, Health Insurance Exchange, Health Plan, Health Plans, healthcare, Heath Care Exchange, HHS, Home Health, home health, Hospice, Hospital, Hospital, hospitals, Medicaid, Medicaid Advantage, Medical Licensure, Medicare, Medicare Advantage, Medicare Advantage, OCR, OCR, Patients, Pharmaceudical, Reproductive Rights, Rural Health Care, Section 1557, University, Veterans Health | Tagged: Civil Rights, donald-trump, Education, Merit-Based, news, politics, Trump | Permalink
Posted by Cynthia Marcotte Stamer

$11 Million False Claims Act Cybersecurity Settlement Reminds Health Plas HIPAA Isn’t Only Cyberbreach Exposure

March 17, 2025

The more than $11 million Health Net Federal Services Inc. (“HNFS”) and its corporate parent Centene Corporation, have agreed to pay under a settlement resolving claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department of Defense (“DoD”) reminds health industry organizations that Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is only one of many federal statutes under which their organizations and their leaders can incur liability for cybersecurity breaches or other deficiencies. As the HNFS settlement makes clear, for instance, HIPAA Entities and other businesses that violate conditions of participation or contractual requirements for federal program participation also risk potential significant liability for deficiency in their compliance with data security, privacy or other cybersecurity requirements of those programs.

HIPAA Important But Not Only Cyber Liability Risk For Health Industry Organizations

Most health care providers, health insurers and other health plans, healthcare clearinghouses (“Covered Entities”) and their business associates (collectively, “HIPAA Entities”) recognize the importance of complying with the national standards for the protection of individuals’ electronic protected health information (“ePHI”) set forth in HIPAA Privacy, Security, and Breach Notification Rules (the “HIPAA” Rules”) to minimize or avoid painful civil monetary penalties or even criminal liability HIPAA authorizes for violations of HIPAA.

While the lengthy and growing list of HIPAA civil monetary penalties and resolution agreements obtained by the Department of Health and Human Services (“HHS”) Office of Civil Rights found to have violated the Security or other requirements of the HIPAA Rule shows the continued importance for HIPAA Entities to maintain HIPAA compliance, enforcement actions like the HNFS drive home that HIPAA Entities should not ignore other important cybersecurity obligations arising from the cybersecurity requirements created under terms of participation applicable to federal programs, or other applicable laws or statutes.

HNFS False Claims Act Cyber Liability Settlement

The HNFS enforcement action and settlement reveals False Claims Act liability as another significant cyber liability risk for health care providers, health care exchange insurers, Medicare Advantage, Medicaid Advantage, SCHIP, TRICARE and other military health, health technology, and other health industry organizations and their business associates and other subcontractors, who are government contractors or grant recipients.

The Justice Department previously has warned federal contractors that failing to fulfill or falsely certifying their compliance with required cybersecurity standards applicable to their contracts or programs could expose them to civil liability for violation of the False Claims Act^[1] (“FCA”). On October 6, 2021, then Deputy Attorney General Lisa O. Monaco announced a Civil Cyber-Fraud Initiative would use the FAC to hold accountable government contractors and grant recipients that put U.S. information or systems at risk by knowingly providing deficient cybersecurity products or services, knowingly misrepresenting their cybersecurity practices or protocols, or knowingly violating obligations to monitor and report cybersecurity incidents and breaches applicable to their federal contracts or programs.

To violate the FCA, the government contractor or other accused person must have submitted, or caused the submission of, the false claim or made a false statement or record with knowledge of the falsity. Under Section 3729(b)(1), knowledge of false information is defined as being (1) actual knowledge, (2) deliberate ignorance of the truth or falsity of the information, or (3) reckless disregard of the truth or falsity of the information.

The Department of Justice obtained more than $2.9 billion in settlements and judgments from civil cases involving fraud and false claims against the government in the fiscal year ending Sept. 30, 2024. Under the FCA, government contractors or other persons violating the FCA generally are liable to pay the United States three times the government’s damages plus a penalty that is linked to inflation for knowingly submitting or causing another to submit a false claim to the government; making a false record or statement to get a false claim paid by the government; acting improperly to avoid having to pay money to the government; or conspiring to violate the FCA. In addition to allowing the United States to pursue FCA violations on its own, the FCA allows private citizens to file “qui tam” suits on behalf of the government against violators of the FCA. Private citizens who successfully bring qui tam actions may receive a portion of the government’s recovery. Many Justice Department FCA and other fraud investigations and lawsuits arise from such qui tam actions.

While the Justice Department’s announcement of the HNFS settlement did not expressly reference the Civil Cyber-Fraud Initiative, the action and statements made by Justice Department officials in connection with its announcement reflect that the Justice Department remains committed to using the False Claims Act to hold federal government health care and other contractors, subcontractors, and grant recipients accountable for failing to comply with applicable federal cybersecurity requirements.

Beginning in 2010, HNFS contracted with the DOD to provide managed healthcare support services for the TRICARE program in approximately 22 states. The support services included administrative support services, provider network development, referral management, enrollment support, and claims processing services. In 2016, Centene succeeded to these contractual obligations when it acquired all of the shares of Health Net Inc., HNFS’s corporate parent, and assumed the liabilities of HNFS. Consistent with applicable conditions for participation in the program, HNFS’s contract with the DOD required HNFS to comply with DOD data security and privacy requirements and to periodically certify that compliance.

The TRICARE contract required HNFS to “provide information management and information technology support as needed to accomplish the stated functional and operational requirements of the TRICARE program” and to adhere to certain privacy standards and cybersecurity requirements, including but not limited to 48 C.F.R. § 252.204-7012 and 51 security controls listed in the National Institute of
Standards and Technology Special Publication 800-53 (NIST 800-53), Security and Privacy Controls for Information Systems, Revision 4. The annual certification requirement included in the contract also required HNFS annually to certify both compliance with the standards and “that the security controls required by the contract are implemented correctly, operating as intended, and support the security policies of the Defense Health Agency.”

The settlement resolves DOD and Justice Department allegations that, between 2015 and 2018, HNFS failed to provide the cybersecurity controls required under its contract. Specifically, Justice Department charged that:

HNFS failed to timely scan for known vulnerabilities and remedy security flaws on its networks and systems, in accordance with its System Security Plan and response times established by HNFS;
HNFS ignored reports from third-party security auditors and its internal audit department of cybersecurity risks on HNFS’ networks and systems related to asset management; access controls; configuration settings; firewalls; end-of-life hardware and software in use; patch management (i.e., installing critical security updates released by vendors to counter known threats); vulnerability scanning; and password policies; and
HNFS falsely attested to DHA that it was in compliance with at least seven of the NIST 800-53 security controls listed in the NIST Compliance Certifications when it submitted those certifications to DHA

The Justice Department and DOD also charged HNFS with falsely certifying compliance with these controls in annual reports to DHA that were required under its contract to administer the TRICARE program.

As a result of these deficiencies, the Justice Department and Department of Defense claimed that HNFS’ claims for reimbursement under the Tricare contract were false, regardless of whether there was any exfiltration or loss of servicemember data or protected health information.

To resolve the alleged False Claims Act liability asserted by the government, HNFS and Centene Corporation agreed to pay $11,253,400 to the Department of Justice. The settlement agreement also expressly reserves the United States’ right to pursue any criminal charges arising from the conduct and limits HNFS and Centene from raising the settlement as a bar to any such criminal charges.

Statements made by Justice Department officials in its announcement of the HNFS settlement signal that the Justice Department remains committed to using the False Claims Act to hold government contractors and other recipients of federal funds accountable for failing to comply with cybersecurity requirements of their contracts.

The press release announcing the settlement quotes Acting Assistant Attorney General Brett A. Shumate, head of the Justice Department’s Civil Division as warning, “We will continue to pursue knowing violations of cybersecurity requirements by federal contractors and grantees to protect Americans’ privacy and economic and national security.”

Meanwhile, Cyber Field Office Special Agent in Charge Kenneth DeChellis of the Defense Criminal Investigative Service (DCIS), the law enforcement arm of the DoD Office of Inspector General also is quoted as stating, “DCIS will not be deterred from investigating contractors that fail to comply with federal cybersecurity requirements and risk exposing protected information vulnerable to criminal hackers. The U.S. taxpayers who fund these government contracts expect no less.”

Taken together with the HNFS enforcement action and resulting settlement, these statements provide a strong warning for health industry and other government contractors that their failure to comply with cybersecurity requirements in their federal contracts or grants could lead to prosecution under the False Claims Act in addition to otherwise applicable liabilities arising under HIPAA or other federal or state laws. Accordingly, health care organizations; Medicare, Medicaid, SCHIP, TRICARE and Federal Health Insurance Exchange program contractors; and other federal government contractors, subcontractors and grant recipients also should ensure their ability to defend their ongoing compliance with any data security, privacy or other federal cybersecurity requirements to guard against potential False Claims Act liability for noncompliance with these contractual responsibilities.

The author of this update, Cynthia Marcotte Stamer is an American College of Employee Benefits Counsel Fellow and attorney board certified in Labor and Employment Law by the Texas Board of Legal Specialization, who has decades of experience advising health care providers, Medicare and Medicaid Advantage and other public and private health plans and plan sponsors, government contractors and grant recipients, and their technology, data, third party administrators, and other managed care and other health care, defense, technology, life sciences and other clients about HIPAA and other protected health information, trade secret, personal information and other cybersecurity and other data and systems use, protection, andthese and other federal and state program design, contracting, quality, technology, reimbursement, licensing and accreditation, compliance, enforcement, governmental affairs, dispute resolution, and other compliance, risk management and operational matters. If you have questions or need advice or help evaluating or addressing these or other compliance, risk management, or other concerns, contact her.