Introduction
Valerie Montague represents a variety of healthcare providers, digital health companies, senior living facilities, nonprofit trade associations, life sciences companies and vendors of healthcare providers. Valerie is a Certified Information Privacy Professional/United States (CIPP/US), the preeminent credential in the field of privacy.
My focus
I focus my practice on three main areas:
HIPAA/Health Information Privacy and Security
I assist healthcare providers and business associates of all types to comply with the requirements of HIPAA and the HITECH Act, from the development of policies and workforce training to analysis and notification of breaches to guidance through Office for Civil Rights (OCR) investigations. I also advise vendors initiating arrangements with healthcare entities on whether their business triggers HIPAA.
Beyond HIPAA, I counsel healthcare providers on compliance with other federal and state health information confidentiality requirements, as well as cybersecurity best practices.
Regulatory Compliance
I advise hospital systems, skilled nursing facilities, physician practices and other healthcare providers on compliance with the Stark Law and the Anti-Kickback Statute, as well as state laws prohibiting self-referrals and fraud and abuse. In Illinois, I work with facilities to navigate Certificate of Need (CON), corporate practice of medicine, telehealth and licensure requirements.
Nonprofit Governance and Tax Exemption
I work with tax-exempt entities in all industries to obtain and maintain federal income tax-exempt status, including group exemptions and reinstatement of tax-exempt status. I advise tax-exempt entities on structure and governance issues as they expand their service lines, create new entities and enter into transactions with third parties, including joint ventures and the creation of for-profit subsidiaries. I also assist tax-exempt hospitals with compliance with Internal Revenue Service (IRS) and state law requirements governing financial assistance and community benefit activities.
Looking ahead
As more digital health vendors enter the marketplace in response to patient demand for more convenient and accessible care, both vendors and the providers using these tools will face ever increasing regulatory requirements encompassing everything from privacy and security to licensing to FDA compliance.
/Insights
Publications
- “Quick tips to prepare for a data incident: Part II,” McKnights Long-Term Care News, June 9, 2025
- “What you can do to prepare for a data incident,” Provider Magazine, June 3, 2025
- “Quick tips to prepare for a data incident: Part I,” McKnights Long-Term Care News, May 9, 2025
- “Final HIPAA Privacy Rule to support reproductive health care privacy is released,” Privacy & Cybersecurity Law Report, July 29, 2024
- “OCR releases proposed modifications to HIPAA privacy rule to provide increased privacy protections for reproductive healthcare information,” American Health Law Association Briefing, April 25, 2023
- “The HIPAA Right of Access Initiative: A continued OCR enforcement priority,” Journal of Healthcare Compliance, Jan/Feb 2023
- “Top Ten Issues in Health Law 2023,” American Health Law Association, January 2023
- “Data privacy in the post-Roe era,” Journal of Compensation and Benefits, December 19, 2022
- “OCR issues guidance on HIPAA-compliant use of audio-only telehealth,” Employee Benefit Plan Review, October 2022
- “New OCR Enforcement Actions Emphasize Continued Focus on HIPAA Right of Access Initiative,” American Health Law Association, July 27, 2022
- “Data Privacy in the Post-Roe Era,” Nixon Peabody Healthcare Alert, July 12, 2022
- “OCR issues guidance on HIPAA-compliant use of audio-only telehealth,” Nixon Peabody Healthcare & Data Privacy Alert, June 21, 2022
- “Two Years In: Lessons Learned from OCR’s Right of Access Initiative Enforcement,” American Health Law Association, October 1, 2021
- “Survey of Applicability of State General Privacy and Breach Notification Laws to Health Information,” American Health Law Association, September 7, 2021
- “HHS Proposes Modifications to HIPAA Privacy Rule Aimed at Increasing Patient Access and Enhancing Data Sharing for Care Coordination,” American Health Law Association briefing, December 22, 2020
- Updated following OCR limited waiver: “To disclose or not to disclose: Sharing identifiable health information during the coronavirus outbreak,” Nixon Peabody Healthcare Alert, March 18, 2020
- “Long-awaited CMS and ONC final rules on interoperability, patient access and information blocking released,” Nixon Peabody Healthcare Alert, March 11, 2020
- “Following federal district court decision, OCR issues notice regarding medical record fees,” Nixon Peabody Healthcare Alert, February 4, 2020
- “Match addresses exactly for off-campus claims or risk denials,” Medicare Compliance & Reimbursement, June 2019
- “OIG Audits of HHS Operating Divisions Highlight Need for Better Cybersecurity,” American Health Law Association, March 28, 2019
- “JAMA Study Highlights the Dangers of Phishing Attacks for Healthcare Organizations,” American Health Law Association, March 26, 2019
- “ACA pronounced dead by Texas court—What’s next for the health care industry?” Nixon Peabody Healthcare Alert, December 18, 2018
- “OCR seeks public comments on potential HIPAA revisions to encourage care coordination,” Nixon Peabody HIPAA Law Alert, December 14, 2018
- “New federal legislation addresses opioid crisis: Are you ready for the changes?” Nixon Peabody Healthcare Alert, November 19, 2018
- “Sharing Patient Data with Vendors? A Robust Vendor Management Program is Imperative,” Chicago Health Executive Forum, September 25, 2018
- “OIG Review Highlights Necessary Improvements in HHS’ Information Security Program,” American Health Law Association, March 30, 2018
- “Is a Data Breach Inevitable? New Study Analyzes Cybersecurity Trends,” American Health Law Association, March 28, 2018
- “Final regulations on substance use disorder patient information offer notification flexibility and require certain contractual updates,” Nixon Peabody Health Law Alert, January 5, 2018
- “OCR/FTC HIT Enforcement Summary Table, PG Toolkit,” American Health Law Association, October 24, 2017
- “Podcast Highlights OCR Enforcement Trends and Future Rulemaking,” American Health Law Association, June 2017
- “Recent OCR Settlements Emphasize Vendor Management and Mobile Device Security,” American Health Law Association, May 2017
- “MACRA Proposed Rule, Part II: Use of Interoperable Health Information Technology a Key Factor to Medicare Incentive Payment Structure,” American Health Law Association, May 4, 2016
- “MACRA Proposed Rule, Part I: CMS Presents a Flexible Approach that Steers Clinicians Toward Alternative Payment Models,” American Health Law Association, May 3, 2016
- “FDA Releases precision FDA to Allow for Collaboration for NGS,” American Health Law Association, December 30, 2015
- “Lawyers as Business Associates: No Excuse,” American Health Law Association (AHLA) Connections, Volume 18, Issue 6, June 2014 (co-author)
- “HIPAA/HITECH Resource Guide,” American Health Law Association, 1st Edition, April 10, 2014
- “New regulations affect reporting requirements,” Chicago Daily Law Bulletin, November 23, 2011
- “From Theft to Error and Everything in Between: An Analysis of Reported Breaches of Unsecured PHI in 2010 and 2011,” American Health Law Association, November 17, 2011
Presentations
- Speaker, “Securing the Future of Digital Care: Balancing Interoperability, Cybersecurity, and Patient Trust in a Connected Care Ecosystem,” ATA Nexus 2025, May 5, 2025
- Speaker, “Not If But When: Preparing for a Data Incident at an FQHC,” Compliatric Webinar, March 6, 2025
- Speaker, “Not “If” but “When”: Tips to Prepare for a Data Incident,” American Health Law Association's Long Term and Post-Acute Care Law and Compliance Conference, February 3, 2025
-
“Health Privacy Fundamentals: Toolkit to Understanding Privacy and Security Issues in Health,” Nixon Peabody MCLE Seminar, January 23, 2025
- Presenter, “Business Associates and HIPAA: Your Obligation and the Professional Responsibility Requirements,” Illinois State Bar Association Webinar, November 19, 2024
- Speaker, “Empowering women in privacy: Various career paths and useful skills for success,” IAPP Women Leading Privacy Section Web Conference, July 10, 2024
- Speaker, “Addressing Health Care Challenges Post-Dobbs,” Illinois Association of Healthcare Attorneys Quarterly Lectures, September 27, 2023
- Speaker, “Protecting the Privacy of Reproductive Health Information Post-Dobbs,” American Health Law Association, May 31, 2023
- Speaker, “Privacy & Security Post Public Health Emergency,” CTeL Training, May 4, 2023
- Presenter, “New OCR Enforcement Actions Emphasize Continued Focus on HIPAA Right of Access Initiative,” The Virtual Fortieth National HIPAA Summit, March 7, 2023
- Panelist, “Keeping the Personal Private: Data Privacy in Reproductive Health Care Technology,” DePaul University College of Law’s 2023 Jaharis Symposium, Chicago, IL, March 1, 2023
- Presenter, “Holding Healthcare for Ransom: How Healthcare Organizations Can Respond to Cyberattacks,” Nixon Peabody Webinar, October 20, 2022
- Presenter, “HIPAA’s Right of Access: Defining Designated Record Set, OCR Enforcement, Overcoming Compliance Challenges,” Strafford CLE Webinar, June 22, 2022
- Presenter, “Lessons Learned from OCR’s Right of Access Initiative Enforcement,” The Virtual Thirty-First National HIPAA Summit, March 3, 2022
- Presenter, “Trends and Tips from Health Information Privacy Enforcement Efforts,” Chicago Bar Association Health law Committee, November 16, 2021
- Moderator, “Legal Issues Surrounding the Secondary Use of Health Data,” American Health Law Association Educational Webinar, November 2, 2021
- Presenter, “Health IT: Fraud & Enforcement,” American Health Law Association Educational Webinar, August 5, 2021
- Moderator, “2020 Health Law Survey: An Overview of Recent Changes in Health Law,” Illinois Association of Healthcare Attorneys Quarterly Lecture, March 11, 2021
- Presenter, “Telehealth Looking Forward: Maintaining Compliance During Regulatory Changes,” University Physician Network, August 5, 2020
- Presenter, “Telemedicine Beyond COVID19: Provider Experiences and Future Challenges,” Nixon Peabody Webinar, June 25, 2020
- Speaker, “The Paradigm Shift to Telehealth: Lessons Learned from the COVID-19 Pandemic,” CTeL Summit, June 19, 2020
- Presenter, “Health Law and the Coronavirus: What Attorneys at the Front Line of the Pandemic Need to Know,” Bloomberg Law Learning Webinar, April 15, 2020
- Presenter, “Lightning Round III: Avoiding a Bad Breakup: How to Divorce Your Entity from a Health Care Venture,” Illinois Association of Healthcare Attorneys 2019 Annual Health Law Symposium, November 6, 2019
- Presenter, “How to Stay Out of Trouble: Lessons Learned and Best Practices from Data Breaches and HIPAA Enforcement,” 20th Annual Continuing Education Conference for Optometrists, October 31, 2019
- Presenter, “Data Breaches: Regulation, Enforcement and Lessons Learned,” Nixon Peabody Chicago CLE Day, June 6, 2019
- Moderator, “HHS Health Industry Cybersecurity Practices,” American Health Law Association, Health Information Technology Practice Group, March 27, 2019
- Presenter, “Limiting Risk When Outsourcing: Vendor Management Best Practices,” 2018 Nixon Peabody Chicago CLE Symposium, June 7, 2018
- Panelist, “Healthcare Privacy and Cybersecurity,” Bloomberg Law, Chicago, September 27, 2017
- Presenter, “Legal Ethics for Healthcare Attorneys,” Chicago Bar Association, Health Law Committee, March 22, 2017
- Presenter, “Data Privacy and Data Use and Disclosure: Mutually Exclusive Concepts?” Northwestern University INVO Seminar, Chicago, Illinois, February 6, 2017
- Co-presenter, “Cybersecurity Threats, Enforcement Trends and Practical Challenges,” American Health Law Association (AHLA) Physicians and Hospitals Law Institute, Orlando, Florida, February 3, 2017
- Panelist, “Healthcare Under Cyber Siege Panel,” BDO Center for Healthcare Excellence & Innovation, November 3, 2016.
- Co-presenter, “Select Regulatory Compliance Matters & Implicated Rules of Professional Conduct”, CLE Presentation to Medical Device client during their Law Day event, August 2016
- Moderator, “Navigating a Breach Incident at the Business Associate Level: Reporting, Investigation, and Mitigation Strategies,” American Health Law Association, February 2016
- Panelist, “HIPAA: The Tentacles Expand,” First Illinois Healthcare Financial Management Association Spring Summit, April 2014
- Presenter, “Battle of the BAAs: Balancing Interests in Negotiating BAAs,” Illinois Association of Healthcare Attorneys, 31st Annual Health Law Symposium, November 2013
- Presenter, “What You Should Know About Federally Qualified Health Centers,” Chicago Bar Association, Health Law Committee, June 2013
- Presenter, “HIPAA Compliance in 2012,” Chicago Bar Association, YLS Health & Hospital Law Committee, May 2012
- Moderator, “Social Media Bootcamp Webinar Series, Level II, Part II: How to Safely Use Social Media and Social Networking in Your Health Law Practice: Avoid Privacy and Security Pitfalls,” American Health Law Association, March 2012
- Presenter, “Social Media Bootcamp Webinar Series, Level II, Part I: How to Use Social Media and Social Networking: Is There a Policy for That?” American Health Law Association, February 2012
- Presenter, “Tell It Like It Is? The HITECH Breach Notification Requirements and the Medicare Self-Referral Disclosure Protocol,” Chicago Bar Association, December 2010
In the news
- McKnights Long-Term Care News
Quick tips to prepare for a data incident: Part II
June 9, 2025Chicago Healthcare partner Valerie Montague contributed this article, discussing data breach preparedness for the long-term care industry. The article covers security risk analyses and risk management plans as well as how to put incident preparation into action.
- Provider Magazine
What you can do to prepare for a data incident
June 3, 2025Chicago Healthcare partner Valerie Montague contributed this article discussing what long-term care organizations can do to prepare for a data incident and how this planning may result in greater security for confidential data, faster identification of a potential issue, and more efficient data event response.
- McKnights Long-Term Care News
Quick tips to prepare for a data incident: Part I
May 9, 2025Chicago Healthcare partner Valerie Montague contributed this article, discussing data breach preparedness for the long-term care industry.
- Privacy & Cybersecurity Law Report
Final HIPAA Privacy Rule to support reproductive health care privacy is released
July 29, 2024Chicago Healthcare partner Valerie Montague and associate Meredith LaMaster contributed this article, which covers the final HIPAA Privacy Rule to support reproductive healthcare privacy.
- Healthcare Brew
The Biden administration is updating HIPAA to protect reproductive healthcare information
June 7, 2024This article covers the final Health Insurance Portability and Accountability Act (HIPPA) Privacy Rule issued by the Department of Health and Human Services to support reproductive healthcare privacy. Chicago Healthcare partner Valerie Montague is quoted in the coverage, discussing how HIPAA-regulated entities can prepare to comply with the new rule, and the critical role that proper training and communication for an organization’s frontline teams can play.
- Behavioral Health Business
What Cerebral, Monument’s FTC fines can teach other behavioral health providers about advertising best practices
This article covers lessons learned from the FTC’s actions against Monument Health and Cerebral over their alleged mishandling of patient data. Chicago Healthcare partner Valerie Montague is quoted in the coverage, discussing best practices that health providers should follow to comply with FTC regulations, as well as providing clarity on the FTC stipulations.May 3, 2024 - Crain’s Chicago Business
Notable women in law: Valerie Breslin Montague
Feb 20, 2024Chicago Healthcare partner Valerie Montague is profiled as one of the publication’s 2024 “Notable Women in Law.” Crain’s said the women who make up this year’s class “serve as mentors and guiding lights for other women in their firms and bring their expertise to their communities and nonprofits outside the office.”
- Bloomberg Law
Private health data still being exposed to big tech, report says
Oct 17, 2023This article discussing third-party trackers on health-related websites and potential privacy implications posed by collecting personal health data quotes Chicago Healthcare partner Valerie Montague. Valerie discusses an increase in litigation related to data captured by these technologies following 2022 guidance issued by the Department of Health and Human Services and the Office of Civil Rights on tracking technologies and HIPAA compliance.
- American Health Law Association
OCR releases proposed modifications to HIPAA Privacy Rule to provide increased privacy protections for reproductive healthcare information
April 25, 2023This article discusses the recent notice of rulemaking issued by the US Department of Health and Human Services to modify the Standards for Privacy of Individually Identifiable Health Information, or Privacy Rule, under HIPAA. The article was cowritten by partners Laurie Cohen of Albany and Valerie Montague of Chicago, counsel Jéna Grady of New York City, and associates Meredith LaMaster of Chicago and Julia Cassidy of New York City, all of the Healthcare practice.
- Journal of Healthcare Compliance
The HIPAA Right of Access Initiative: A continued OCR enforcement priority
March 15, 2023Chicago Healthcare partner Valerie Montague contributed this article discussing the Office of Civil Rights’ continued focus on HIPAA’s Right of Access Initiative, noting that lessons gleaned can give healthcare providers and other HIPAA-regulated entities a roadmap to strengthen their compliance with the HIPAA Privacy Rule’s right of access.
- American Health Law Association
Top ten 2023: Data privacy requirements (podcast)
Feb 10, 2023Chicago Healthcare partner Valerie Montague joins this episode of the podcast to discuss new data privacy laws, how healthcare providers can remain compliant and prepare for possible data breaches, considerations for telehealth programs, and risks for hybrid workforces.
- Health Law Connections
Top ten issues in health law 2023
Jan 1, 2023This article discussing top issues in health law for the coming year includes commentary from Chicago Healthcare partner Valerie Montague about new data privacy laws and regulations that healthcare providers, plans, and vendors need to be aware of.
- Journal of Compensation and Benefits
Data privacy in the post-Roe era
Dec 19, 2022Chicago Healthcare partner Valerie Montague, Rochester counsel and Cybersecurity & Privacy practice deputy leader Jenny Holmes, Washington, DC Healthcare counsel Sarah Swank, and Chicago Healthcare associate Meredith LaMaster contributed this article on how Roe’s reversal disrupts expectations regarding the privacy of women’s health information—and the role of healthcare practitioners, app developers, and cell phone providers in protecting it.
- American Health Law Association
Speaking of health law (podcast)
Oct 11, 2022Chicago Healthcare partner Valerie Montague joined the podcast to discuss recent enforcement actions from the Office for Civil Rights, the OCR’s continued focus on HIPAA’s Right of Access Initiative, and why the initiative is important.
- Modern Healthcare
FTC's health data breach rule covers apps, fitness trackers, agency says
This article, covering the Federal Trade Commission’s new guidance that health apps and fitness trackers must notify users of data breaches, quotes Chicago Health Care partner Valerie Montague on the FTC’s enforcement and broad definition of a breach, noting companies should review their health data policies and obtain patient authorization when necessary.Sep 16, 2021 - Modern Healthcare
Patient says Jefferson Health missed the mark on EHR-driven marketing
This article, which discusses concerns surrounding hospitals using electronic health records to promote health services, quotes Chicago Health Care partner Valerie Montague on the right of patients to opt out of their providers’ mailing lists.June 25, 2021 - Modern Healthcare
Scripps cyberattack highlights patient safety risks during breaches
In this article on the recent cyberattack on Scripps Health, which disrupted the San Diego-based health system’s patient portal and email systems, Chicago Health Care partner Valerie Montague is quoted on HIPAA considerations for health systems when communicating with patients via social media.May 14, 2021 - Modern Healthcare
5 lessons learned from HIPAA "Right of Access" fines this year
In this article on the ramped-up enforcement actions by the U.S. Department of Health and Human Services’ Office for Civil Rights against health care providers, Chicago Health Care partner Valerie Montague discusses the importance for providers to train their staff and have a workflow in place.Nov 25, 2020 - Modern Healthcare
Hospitals balance disclosure and privacy as COVID-19 spreads
Chicago Health Care partner Valerie Breslin Montague talks about how hospitals can remain in compliance with HIPAA while executing an effective crisis communications plan related to the coronavirus outbreak.March 12, 2020 - Chicago Health Executives Forum Newsletter
Are you prepared for a data incident? Plan ahead to allow for an agile response
Chicago Health Care partner Valerie Breslin Montague wrote this contributed article outlining the factors that organizations should consider when developing a robust incident response plan.Sep 25, 2019 - Modern Healthcare
21st Century Cures Act driving FDA changes
This article discussing the 21st Century Cures Act’s ongoing impact on the Food and Drug Administration’s approval process quotes Boston Government Investigations and White Collar Defense partner Hannah Bornstein and Chicago Health Care partner Valerie Montague.Sep 7, 2019 - Medicare Compliance & Reimbursement
Match addresses exactly for off-campus claims or risk denials
This article quotes Chicago Health Care partner Valerie Breslin Montague discussing a new Centers for Medicare and Medicaid Services policy, taking effect in July, that could complicate the billing and reimbursement process for health care providers.July 10, 2019 - Medicare Compliance & Reimbursement
Match addresses exactly for off-campus claims or risk denials
This article quotes Chicago Health Care partner Valerie Breslin Montague discussing a new Centers for Medicare and Medicaid Services policy, taking effect in July, that could complicate the billing and reimbursement process for health care providers.June 1, 2019 - Legaltech News
What Chicago Public Schools can teach about determining breach liability
Chicago Health Care partner Valerie Montague is quoted in this article on which party can expect to be found liable for a Chicago Public Schools data breach allegedly triggered by the actions of the third-party vendor’s former employee.Nov 9, 2018 - Bloomberg Law
Smartphones add new dimension to doctor-patient meetings
In this article about doctor-patient audio-video recordings, Chicago Health Care partner Valerie Breslin Montague is quoted throughout for her outlook on multiparty consent among different states, policy development, and protecting the privacy of a patient’s health information.Sep 18, 2018 - Modern Healthcare
Trump's Proposed Budget Cuts Could Hinder 21st Century Cures Implementation
Chicago health care partner Valerie Montague is quoted in this article on the possible impact of the proposed budget cuts to the Office of the National Coordinator for Health Information Technology, the federal agency in charge of implementing provisions of the 21st Century Cares Act.Feb 15, 2018 - Modern Healthcare
PREVIEWS FROM THE INDUSTRY: Hospital Operations
In this round-up of health care industry predictions for 2018, Chicago health care partner Valerie Montague provides an outlook on the future of cybersecurity in health care.Jan 1, 2018 - Modern Healthcare
Providers pinched by rising drug costs, looming policy changes
Oct 3, 2017Chicago health care partner Valerie Montague is quoted in this article discussing how the proposed cuts to the 340B drug discount program may impact health systems.
- Report on Patient Privacy
Digital voice assistants pose unique benefits, risks for health care uses
Oct 1, 2017Chicago health care partner Valerie Breslin Montague is quoted in this article about how hospitals and clinics are using digital voice assistants.
- Modern Healthcare
Wisconsin system says Cerner's software caused $16 million in losses
Chicago health care partner Valerie Breslin Montague is quoted in this article about the lawsuit filed by Agnesian Healthcare against Cerner regarding a botched rollout of a revenue cycle management system.Sep 22, 2017 - Law360
Aetna's HIV lapse shows snail mail's privacy pitfalls
Chicago health care partner Valerie Montague is quoted in this article about how Aetna Inc.’s mailed letters to policy holders regarding prescriptions for HIV drugs violated the Health Insurance Portability and Accountability Act.Aug 25, 2017 - Modern Healthcare
Not-for-profit providers' rising expenses, dwindling revenue could spur mergers
Chicago health care partner Valerie Breslin Montague is quoted in this article about how many not-for-profit health care providers are joining larger health care systems as a result of rising costs to operate as independent hospitals.Aug 22, 2017 - Modern Healthcare
Virtual assistants like Amazons Alexa could change the way care is delivered
Chicago health care partner Valerie Montague provides third-party commentary in this article about the potential for Alexa and other voice assistants to be used as a health care tool. Valerie speaks to what needs to happen for these devices to become compliant under the Health Insurance Portability and Accountability Act (HIPAA).July 31, 2017 - Law360
HIPAA spotlight: key stats from a banner year
This article recaps HIPAA stats and highlights from the past year. Chicago health care partner Valerie Montague is quoted throughout discussing privacy breaches and how health care organizations react.Jan 17, 2017 - Law360
6 Ways to Be a Go-To Firm for HIPAA Compliance
Chicago health care partner Valerie Breslin Montague is included in this piece that looks at how attorneys are dealing with increasing Health Insurance Portability and Accountability Act (HIPAA) penalties and audits.April 29, 2016 - Health Data Management
OCR now focusing on business associate agreements
Albany health care partner Laurie Cohen and Chicago health care partner Valerie Breslin Montague are quoted throughout this feature article discussing the HHS Office for Civil Rights’ increased efforts sanctioning healthcare covered entities with corrective action plans and financial fines for major violations of the HIPAA privacy and security rules.March 22, 2016 - Fertility Bridge
Preparing for HIPAA Compliance Audits: An Interview with Valerie Breslin Montague
Chicago Health Care partner Valerie Breslin Montague is featured in this Q&A discussing Health Insurance Portability and Accountability Act (HIPAA) as it relates to digital media.March 9, 2016 - Medical Practice Compliance Alert
8 Ways to Keep HIPAA from Crimping Employees' Labor Rights
Chicago Health Care partner Valerie Montague discusses tips for employers to follow to avoid being accused of unfair labor practices while trying to keep patient information safe.Aug 17, 2015 - Medical Practice Compliance Alert
Create Guidelines for EHR Access to Avoid HIPAA, Labor Violations
Chicago Health Care partner Valerie Montague discusses lessons learned from a case involving an ophthalmology practice who terminated an employee due to violations of HIPAA.Aug 17, 2015 - Law360
4 Lessons from the FDA's Milestone Device-Hacking Alert
Chicago Health Care partner Valerie Breslin Montague is quoted throughout this article discussing the need for hospitals and health care providers to have security systems in place following the FDA’s declaration to stop using a particular medical device due to cyber security flaws.Aug 11, 2015
Admitted to practice
Illinois
U.S. District Court, Northern District of Illinois
U.S. Court of Appeals, Seventh Circuit
Education
Georgetown University Law Center, J.D.
Marquette University, Honors B.A., cum laude
Professional activities
- Member, Thompson Reuters Practical Law Data Privacy & Cybersecurity US/Canada Advisory Board
- Member, CTeL Legal Resource Team
- Member, International Association of Privacy Professionals
- Member, American Health Law Association
- Board Member and Education Committee Chair, Illinois Association of Healthcare Attorneys
- Past member, General PHI Workgroup, Illinois Health Information Exchange project
- Admissions Volunteer, Marquette University
- Past President, Marquette University Club of Chicago
Recognition
- Selected, Crain’s Chicago Business Notable Women in Law 2024
- Selected, through a peer-review survey, for inclusion in The Best Lawyers in America® 2025 in the field of Healthcare Law
- Best Lawyers 2022 “Lawyer of the Year” in Chicago for Healthcare Law
- Listed in Best Lawyers since 2018
- Named a Recognized Practitioner in Chambers USA: America’s Leading Lawyers for Business 2025 for Healthcare (Illinois); also recognized in previous years
- Recommended in The Legal 500 United States 2025 editorial for Healthcare: Service providers; also recognized in previous years
Pro bono services
- Assisted a health and human services coalition with governance and contracting matters, as well as with obtaining federal income tax exemption
- Work with an entity that abolishes patients’ medical debt on health information privacy issues
- Obtained property tax exemption for a nonprofit organization that assists underprivileged teenaged mothers
- Assisted a youth mentoring organization with organizational and federal income tax-exemption issues
Insights And Happenings
View AllProfessionals in the Practice Area
View AllLindsay Maleson
Partner / Practice Group Leader, Healthcare- Long Island
- Office:+1 516.832.7627
- lmaleson@nixonpeabody.com
-
Jill H. Gordon
Partner / Co-chair, Life Sciences Practice- Los Angeles
- Office:+1 213.629.6175
- jgordon@nixonpeabody.com
-
