Meredith D. LaMaster

Associate

Meredith represents for-profit and nonprofit entities, as well as investment and management firms, across the healthcare sphere, with their regulatory and transactional needs. She also assists healthcare providers and business associates in HIPAA and HITECH Act compliance. Meredith is a Certified Information Privacy Professional/United States (CIPP/US), the preeminent credential in the field of privacy.

Practice Areas

Healthcare Healthcare Transactions Healthcare Regulatory & Compliance Behavioral Health Health Information - Privacy, Security & Data Sharing Cybersecurity & Privacy Digital Health & Telemedicine Fertility, Reproductive Medicine, Sexual Health & Wellness

Industries

Healthcare

My focus

Prior to practicing law, I spent several years in sales and customer relations. Because of this, I take a multi-faceted approach to transactions. Providing clients with the best experience requires that we not only protect them from a legal standpoint, but also that we provide top-notch customer service while achieving their business objectives.

Healthcare Transactions

I support healthcare providers, private equity firms, and management service organization as they navigate the complexities of joint ventures, mergers, acquisitions, and contractual arrangements. I also advise clients on regulatory issues associated with transactions, such as licensure requirements, fraud and abuse risks, change in ownership implications, corporate practice considerations, and scope of practice determinations.

HIPAA/Health Information Privacy and Security

I advise healthcare entities and their business associates on meeting the compliance requirements of HIPAA, the HITECH Act, and any other state or federal confidentiality laws related to health information. I also assist in the development of policies and procedures, as well as breach analysis and notification investigations with the Office for Civil Rights.

Looking ahead

With the rise in hacking incidents and ransomware attacks in the healthcare space, it is imperative that healthcare entities implement sufficient safeguards to protect their internal infrastructure from potential harm. Incorporating comprehensive policies and procedures, properly training workforces, and employing adequate cybersecurity measures are essential to keeping operations online and protecting patient information in the event of an attack.

/Insights

Publications

"Final HIPAA Privacy Rule to support reproductive health care privacy is released", Privacy & Cybersecurity Law Report, July 29, 2024
"OCR releases proposed modifications to HIPAA Privacy Rule to provide increased privacy protections for reproductive healthcare information," American Health Law Association, April 25, 2023
"Data privacy in the post-Roe era," Journal of Compensation and Benefits, December 19, 2022

Admitted to practice

Illinois

Education

DePaul University College of Law, J.D., Health Law Certificate, DePaul Law Review Assistant Executive Editor
Miami University, B.S.

Recognition

CALI Excellence for the Future Award Recipient
Michael and Mary Jaharis Health Law Institute Fellow

Insights And Happenings

View All

Article
New administration continues pace of OCR’s HIPAA enforcement
April 25, 2025
Article
OCR announces first HIPAA settlement under the new administration
April 21, 2025
Article
OCR’s sixth HIPAA Risk Analysis Initiative settlement announced
April 16, 2025

View All

Professionals in the Practice Area

View All

Lindsay Maleson
Partner / Practice Group Leader, Healthcare
- Long Island
- Office:+1 516.832.7627
- lmaleson@nixonpeabody.com
Jill H. Gordon
Partner / Co-chair, Life Sciences Practice
- Los Angeles
- Office:+1 213.629.6175
- jgordon@nixonpeabody.com
Michele A. Masucci
Partner
- Long Island
- Office:+1 516.832.7573
- mmasucci@nixonpeabody.com
Jéna M. Grady
Partner
- New York City
- Office:+1 212.940.3114
- jgrady@nixonpeabody.com
Harsh P. Parikh
Partner
- Los Angeles
- Office:+1 213.629.6108
- hparikh@nixonpeabody.com