Compliance

Given Context’s decades of experience representing highly regulated entities in the acquisition of technology, we are familiar with the state, federal and international data privacy laws, rules and regulations that may be applicable to sensitive data that systems store, transfer and process.

Nearly all companies today need to be careful that legally-required data privacy documentation and contracts are included as part of certain engagements – especially those that involve the transfer of personal information (e.g. personal health information, personal financial information). Context works with its clients to ensure their IT Contracts, Privacy Policies and Terms of Use contain the necessary commitments to facilitate compliance with applicable data privacy requirements. Context can also work with the client’s procurement team to assist when side agreements or other compliance documentation is necessary.

Context has assisted clients in bringing their contracts and website terms in compliance with the California Consumer Privacy Act (“CCPA”) and other Privacy Laws.

Context has been assisting healthcare providers in the acquisition of Health Information Technology (or "HIT") for years. Our experienced attorneys have handled hundreds of hit contracts on behalf of large hospital systems and smaller practices and chances are if your organization selects a CCHIT Certified EHR as your preferred solution, we will have worked with your vendor.

For example, Context has assisted clients with the adoption of CCHIT Certified EHR, including: Allscripts Touchworks, Sage Intergy, NextGen EMR, Epic Epiccare, ACS Meditech, GE Centricity, Cerner Millenium and Mckesson Horizon Clinicals, among others. For physician practices and hospitals that will be acquiring certified EHR technology, Context's focused expertise in this area will help to guide your organization through the contracting process efficiently, while at the same time protecting your legal and business interests.

For hospitals that have already acquired EHR technology and wish to make such technology available to affiliated practices, Context has helped hospitals navigate the regulatory and contractual processes associated with pushing EHR and other hit to non-owned physician practices. In particular, Context has drafted template agreements to enable Stark-Compliant deployment of HIT to affiliated practices.

Data Use Arrangements

Context has extensive experience with data privacy and security matters with hosted solutions that store and process personal information (including PHI, customer, employee, and student data), and with drafting data use agreements, consent forms, notices and online terms-of-use.

Data Breach

Context has assisted clients in navigating the scope of a data breach and required steps upon discovery.

DATA PRIVACY GUIDANCE

More Services

IT Contract Negotiation

Training

Contract Templates

Contract Management and Consulting