Valerie Breslin Montague

Valerie Montague represents a variety of health care providers, digital health companies, senior living facilities, nonprofit trade associations, life sciences companies and vendors of health care providers. Valerie is a Certified Information Privacy Professional/United States (CIPP/US), the preeminent credential in the field of privacy.

What do you focus on?

I focus my practice on three main areas.

HIPAA/Health Information Privacy and Security

I assist health care providers and business associates of all types comply with the requirements of HIPAA and the HITECH Act, from the development of policies and workforce training to analysis and notification of breaches to guidance through Office for Civil Rights (OCR) investigations. I also advise vendors initiating arrangements with health care entities on whether their business triggers HIPAA.

Beyond HIPAA, I counsel health care providers on compliance with other federal and state health information confidentiality requirements, as well as cybersecurity best practices.

Regulatory Compliance

I advise hospital systems, skilled nursing facilities, physician practices and other health care providers on compliance with the Stark Law and the Anti-Kickback Statute, as well as state laws prohibiting self-referrals and fraud and abuse. In Illinois, I work with facilities to navigate Certificate of Need (CON), corporate practice of medicine, telehealth and licensure requirements.

Nonprofit Governance and Tax Exemption

I work with tax-exempt entities in all industries to obtain and maintain federal income tax-exempt status, including group exemptions and reinstatement of tax-exempt status. I advise tax-exempt entities on structure and governance issues as they expand their service lines, create new entities and enter into transactions with third parties, including joint ventures and the creation of for-profit subsidiaries. I also assist tax-exempt hospitals with compliance with Internal Revenue Service (IRS) and state law requirements governing financial assistance and community benefit activities.

What do you see on the horizon?

As more digital health vendors enter the marketplace in response to patient demand for more convenient and accessible care, both vendors and the providers using these tools will face ever increasing regulatory requirements encompassing everything from privacy and security to licensing to FDA compliance.


  • Presenter, “Legal Ethics for Health Care Attorneys,” Chicago Bar Association, Health Law Committee, March 22, 2017
  • Presenter, “Data Privacy and Data Use and Disclosure: Mutually Exclusive Concepts?” Northwestern University INVO Seminar, Chicago, Illinois, February 6, 2017
  • Co-presenter, “Cybersecurity Threats, Enforcement Trends and Practical Challenges,” American Health Lawyers Association (AHLA) Physicians and Hospitals Law Institute, Orlando, Florida, February 3, 2017
  • Panelist, “Healthcare Under Cyber Siege Panel,”  BDO Center for Healthcare Excellence & Innovation, November 3, 2016.
  • Co-presenter, “Select Regulatory Compliance Matters & Implicated Rules of Professional Conduct”, CLE Presentation to Medical Device client during their Law Day event, August 2016
  • Moderator, “Navigating a Breach Incident at the Business Associate Level: Reporting, Investigation, and Mitigation Strategies,” American Health Lawyers Association, February 2016
  • Panelist, “HIPAA: The Tentacles Expand,” First Illinois Healthcare Financial Management Association Spring Summit, April 2014
  • Presenter, “Battle of the BAAs: Balancing Interests in Negotiating BAAs,” Illinois Association of Healthcare Attorneys, 31st Annual Health Law Symposium, November 2013
  • Presenter, “What You Should Know About Federally Qualified Health Centers,” Chicago Bar Association, Health Law Committee, June 2013
  • Presenter, “HIPAA Compliance in 2012,” Chicago Bar Association, YLS Health & Hospital Law Committee, May 2012
  • Moderator, “Social Media Bootcamp Webinar Series, Level II, Part II: How to Safely Use Social Media and Social Networking in Your Health Law Practice: Avoid Privacy and Security Pitfalls,” American Health Lawyers Association, March 2012
  • Presenter, “Social Media Bootcamp Webinar Series, Level II, Part I: How to Use Social Media and Social Networking: Is There a Policy for That?” American Health Lawyers Association, February 2012
  • Presenter, “Tell It Like It Is? The HITECH Breach Notification Requirements and the Medicare Self-Referral Disclosure Protocol,” Chicago Bar Association, December 2010


  • “Podcast Highlights OCR Enforcement Trends and Future Rulemaking,” American Health Lawyers Association, June 2017
  • “Recent OCR Settlements Emphasize Vendor Management and Mobile Device Security,” American Health Lawyers Association, May 2017.
  • “MACRA Proposed Rule, Part II: Use of Interoperable Health Information Technology a Key Factor to Medicare Incentive Payment Structure,” American Health Lawyers Association, May 4, 2016
  • “MACRA Proposed Rule, Part I: CMS Presents a Flexible Approach that Steers Clinicians Toward Alternative Payment Models,” American Health Lawyers Association, May 3, 2016
  • “FDA Releases precisionFDA to Allow for Collaboration for NGS,” American Health Lawyers Association, December 30, 2015
  • “Lawyers as Business Associates: No Excuse,” American Health Lawyers Association (AHLA) Connections, Volume 18, Issue 6, June 2014 (co-author)
  • “HIPAA/HITECH Resource Guide,” American Health Lawyers Association, 1st Edition, April 10, 2014
  • “New regulations affect reporting requirements,” Chicago Daily Law Bulletin, November 23, 2011
  • “From Theft to Error and Everything in Between: An Analysis of Reported Breaches of Unsecured PHI in 2010 and 2011,” American Health Lawyers Association, November 17, 2011

HIPAA spotlight: key stats from a banner year

Law360 | January 17, 2017

This article recaps HIPAA stats and highlights from the past year. Chicago health care partner Valerie Montague is quoted throughout discussing privacy breaches and how health care organizations react.

6 Ways to Be a Go-To Firm for HIPAA Compliance

Law360 | April 29, 2016

Chicago health care partner Valerie Breslin Montague is included in this piece that looks at how attorneys are dealing with increasing Health Insurance Portability and Accountability Act (HIPAA) penalties and audits.

OCR now focusing on business associate agreements

Health Data Management | March 22, 2016

Albany health care partner Laurie Cohen and Chicago health care partner Valerie Breslin Montague are quoted throughout this feature article discussing the HHS Office for Civil Rights’ increased efforts sanctioning healthcare covered entities with corrective action plans and financial fines for major violations of the HIPAA privacy and security rules.

Preparing for HIPAA Compliance Audits: An Interview with Valerie Breslin Montague

Fertility Bridge | March 09, 2016

Chicago Health Care partner Valerie Breslin Montague is featured in this Q&A discussing Health Insurance Portability and Accountability Act (HIPAA) as it relates to digital media.

8 Ways to Keep HIPAA from Crimping Employees' Labor Rights

Medical Practice Compliance Alert | August 17, 2015

Chicago Health Care partner Valerie Montague discusses tips for employers to follow to avoid being accused of unfair labor practices while trying to keep patient information safe.

Create Guidelines for EHR Access to Avoid HIPAA, Labor Violations

Medical Practice Compliance Alert | August 17, 2015

Chicago Health Care partner Valerie Montague discusses lessons learned from a case involving an ophthalmology practice who terminated an employee due to violations of HIPAA.

4 Lessons from the FDA's Milestone Device-Hacking Alert

Law360 | August 11, 2015

Chicago Health Care partner Valerie Breslin Montague is quoted throughout this article discussing the need for hospitals and health care providers to have security systems in place following the FDA’s declaration to stop using a particular medical device due to cyber security flaws.


Valerie Breslin Montague



Phone: 312-977-4485

Fax: 844-571-6775

Georgetown University Law Center, J.D.

Marquette University, Honors B.A., cum laude


U.S. District Court, Northern District of Illinois

U.S. Court of Appeals, Seventh Circuit

Valerie has been named a Recognized Practitioner in Chambers USA: America’s Leading Lawyers for Business 2017 for Healthcare (Illinois). She was also recommended in The Legal 500 United States 2016 editorial for Health Care—Service Providers.

  • International Association of Privacy Professionals
  • American Bar Association
  • Chicago Bar Association
  • American Health Lawyers Association, Chair, Privacy and Security Compliance and Enforcement Affinity Group
  • Illinois Association of Healthcare Attorneys, Education Committee Member
  • Past member, General PHI Workgroup, Illinois Health Information Exchange project
  • Admissions Volunteer, Marquette University
  • Past President, Marquette University Club of Chicago

Obtained property tax exemption for a nonprofit organization that assists underprivileged teenaged mothers

Assisted a youth mentoring organization with organizational and federal income tax-exemption issues 

Back to top