Alert
The LatestView All
January 22, 2024
Nashville partner Bob Wade will participate in the Health Care Compliance Association (HCCA) Anchorage Regional Compliance & Ethics Conference in Feb. 22-23. The conference will include topics on regulatory requirements, compliance enforcement, risk management, and maintaining an effective compliance program. Attendees will have the opportunity to earn live Compliance Certification Board (CCB) continuing education units (CEUs) and network with other professionals.
Anchorage Regional Compliance & Ethics Conference
Idea Exchange
Patricia A. Markus, JD, CIPP/US
Partner
Suite 1400
Raleigh, NC 27603
Trish Markus represents health care providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve health care access and outcomes while assuring compliance with applicable...
Trish Markus represents health care providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve health care access and outcomes while assuring compliance with applicable data privacy and security laws and other health care regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post–acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.
Trish is a Chicago–area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.
When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.
data privacy and security laws and other health care regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post–acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.
Trish is a Chicago–area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.
When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.
Experience
HIPAA and Health Information Technology
- Represented clients in development of regional and enterprise–wide health information exchange organizations (HIEs), including establishment of governance structures, data use and sharing agreements, technology licensing agreements, privacy and security policies and procedures, advice on operational matters, and contracts with other regional and national HIEs
- Assisted hospital systems and physician practices in negotiating and licensing agreements for electronic health record software systems and telehealth solutions, in preparing contracts for hospitals’ provision of subsidized EHR technology and services to community medical practices, and in extending hospitals systems’ EHR licenses to managed hospitals within systems
- Assisted hospitals and physician practices in operational aspects of implementing EHR systems, including preparing privacy and security policies and processes, crafting patient portal and remote access agreements, and preparing policies and processes for BYOD and secure texting
- Reviewed and negotiated wide variety of health IT agreements, including electronic health record software, cloud storage, data supplier, value–added reseller, data analytics, and clinical data registry agreements
- Assisted statewide industry association in structuring and preparing various data analytics and data exchange agreements to assist association members in various population health management, quality improvement, and patient support programs
- Represented telemedicine mobile application start–up and company seeking to offer second opinion consultations by nationally–recognized experts in assessing possible corporate structures, business models, and payment options and understanding resulting fraud and abuse, corporate practice of medicine, fee–splitting, reimbursement, data privacy and security, and operational limitations and requirements
- Assisted clients in preparing multistate analyses of corporate practice of medicine and fee splitting laws, physician and other practitioner licensure and scope of practice requirements, and available payment for services provided through telemedicine technologies
- Counseled wide variety of provider clients and business associates on whether specific data breach circumstances require breach notification under HIPAA and applicable state data breach laws, identified mitigation strategies, and assisted with reporting obligations
- Represented hospitals, physicians, and business associates in responding to data breaches and Office for Civil Rights investigations
- Assisted substance use disorder providers in responding to subpoenas for substance abuse disorder records and in updating release of information forms and policies to conform to changing requirements of 42 CFR Part 2
- Counseled data analytics start–up on regulatory implications of licensing de–identified health data from organizations and sub–licensing such de–identified data sets to research organizations seeking large data sets
Healthcare Corporate, Regulatory, and Licensure Matters
- Assisted providers in addressing questions about Paycheck Protection Program, Medicare Provider Relief Fund, and various state and federal regulatory waivers and flexibilities issued during COVID–19 emergency
- Represented dozens of providers in responding to Medicare, Medicaid, and other insurer audits and appeals of recoupment and repayment demands, including Administrative Law Judge hearings
- Represented substance use disorder providers in acquisitions and divestitures and licensure, reimbursement, regulatory compliance, and operational matters
- Assisted national outpatient services provider with Medicaid enrollment issues and matters before pharmacy board
- Assisted physician practices and hospitals in all aspects of medical practice start–ups, divestitures, joint arrangements, and disputes
- Performed compliance review of policies and operational practices of accountable care organization and provided report outlining suggested remediation measures
- Served as local counsel to publicly traded post–acute care companies in acquisitions, refinancings, and state Medicaid enrollments and licensure issues
- Structured management services arrangements for physicians, dentists, chiropractors, and other practitioners to avoid corporate practice of medicine and fee–splitting concerns
Education
- Boston College Law School, JD
- Haverford College, BA, English, with honors
Admissions
- North Carolina
- Illinois
Clerkships
- Law Clerk, the Honorable Robert W. Cook, Illinois Court of Appeals, Fourth Circuit
- Law Clerk, the Honorable Willis P. Whichard, North Carolina Supreme Court
Certifications
- Certified Information Privacy Professional (CIPP/US), International Association of Privacy Professionals
HIPAA and Health Information Technology
- Represented clients in development of regional and enterprise–wide health information exchange organizations (HIEs), including establishment of governance structures, data use and sharing agreements, technology licensing agreements, privacy and security policies and procedures, advice on operational matters, and contracts with other regional and national HIEs
- Assisted hospital systems and physician practices in negotiating and licensing agreements for electronic health record software systems and telehealth solutions, in preparing contracts for hospitals’ provision of subsidized EHR technology and services to community medical practices, and in extending hospitals systems’ EHR licenses to managed hospitals within systems
- Assisted hospitals and physician practices in operational aspects of implementing EHR systems, including preparing privacy and security policies and processes, crafting patient portal and remote access agreements, and preparing policies and processes for BYOD and secure texting
- Reviewed and negotiated wide variety of health IT agreements, including electronic health record software, cloud storage, data supplier, value–added reseller, data analytics, and clinical data registry agreements
- Assisted statewide industry association in structuring and preparing various data analytics and data exchange agreements to assist association members in various population health management, quality improvement, and patient support programs
- Represented telemedicine mobile application start–up and company seeking to offer second opinion consultations by nationally–recognized experts in assessing possible corporate structures, business models, and payment options and understanding resulting fraud and abuse, corporate practice of medicine, fee–splitting, reimbursement, data privacy and security, and operational limitations and requirements
- Assisted clients in preparing multistate analyses of corporate practice of medicine and fee splitting laws, physician and other practitioner licensure and scope of practice requirements, and available payment for services provided through telemedicine technologies
- Counseled wide variety of provider clients and business associates on whether specific data breach circumstances require breach notification under HIPAA and applicable state data breach laws, identified mitigation strategies, and assisted with reporting obligations
- Represented hospitals, physicians, and business associates in responding to data breaches and Office for Civil Rights investigations
- Assisted substance use disorder providers in responding to subpoenas for substance abuse disorder records and in updating release of information forms and policies to conform to changing requirements of 42 CFR Part 2
- Counseled data analytics start–up on regulatory implications of licensing de–identified health data from organizations and sub–licensing such de–identified data sets to research organizations seeking large data sets
Healthcare Corporate, Regulatory, and Licensure Matters
- Assisted providers in addressing questions about Paycheck Protection Program, Medicare Provider Relief Fund, and various state and federal regulatory waivers and flexibilities issued during COVID–19 emergency
- Represented dozens of providers in responding to Medicare, Medicaid, and other insurer audits and appeals of recoupment and repayment demands, including Administrative Law Judge hearings
- Represented substance use disorder providers in acquisitions and divestitures and licensure, reimbursement, regulatory compliance, and operational matters
- Assisted national outpatient services provider with Medicaid enrollment issues and matters before pharmacy board
- Assisted physician practices and hospitals in all aspects of medical practice start–ups, divestitures, joint arrangements, and disputes
- Performed compliance review of policies and operational practices of accountable care organization and provided report outlining suggested remediation measures
- Served as local counsel to publicly traded post–acute care companies in acquisitions, refinancings, and state Medicaid enrollments and licensure issues
- Structured management services arrangements for physicians, dentists, chiropractors, and other practitioners to avoid corporate practice of medicine and fee–splitting concerns
Media
Recognitions
- Legal 500 United States, Industry Focus: Healthcare: service providers (2023)
- Fellow, American Bar Foundation
- Chambers USA: America's Leading Lawyers for Business, Healthcare – North Carolina (2016–2023)
- The Best Lawyers in America®, Health Care Law (2009–2024)
- Lawyer of the Year in Raleigh, N.C. for Health Care Law (2020)
- North Carolina Super Lawyers, Health Care (2014–2024), and as one of the “Top 50 Women” attorneys in North Carolina (2015)
- Triangle Business Journal’s Women in Business Award (2012)
Professional Activities
- American Health Law Association:
- President (2023–present)
- President Elect (2022–2023)
- President–Elect Designate (July 2021–June 2022)
- Board of Directors (July 2015–present)
- Chair, HIT Practice Group (July 2012–June 2015); Vice Chair (July 2008–June 2012)
- Co–leader, Privacy and Security Compliance and Enforcement Affinity Group, HIT Practice Group (2006–2008)
- North Carolina Bar Association:
- Chair, Health Law Section (2012–2013)
- Health Law Section Council (2006–2009)
- Communications Committee (2002–present)
- Member, American Telemedicine Association
- Member, Health Information Management Systems Society
- North Carolina Healthcare Information and Communications Alliance, Legal Work Group (2006 – present)
- American Health Information Management Association:
- Health Information Exchange Council (2008)
- e–HIM Workgroup on HIM in Health Information Exchange (2007)
- North Carolina Society of Healthcare Attorneys:
- President (2003–2004)
- Board of Directors (2000–2007)
- Member, NC Health Information Exchange Legal and Policy Work Group (2010–2011)
- Co–Chair, Legal Work Group and Implementation Plan Work Group, North Carolina Health Information Security and Privacy Collaboration (HISPC) Project (2006–2009)
Community
- Young Executive Committee, American Heart Association Greater Raleigh Heart Gala (2003)
Trish Markus represents health care providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve health care access and outcomes while assuring compliance with applicable... data privacy and security laws and other health care regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post–acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.
Trish is a Chicago–area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.
When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.
Experience
Following is a selected sampling of matters and is provided for informational purposes only. Past success does not indicate the likelihood of success in any future matter.HIPAA and Health Information Technology
- Represented clients in development of regional and enterprise–wide health information exchange organizations (HIEs), including establishment of governance structures, data use and sharing agreements, technology licensing agreements, privacy and security policies and procedures, advice on operational matters, and contracts with other regional and national HIEs
- Assisted hospital systems and physician practices in negotiating and licensing agreements for electronic health record software systems and telehealth solutions, in preparing contracts for hospitals’ provision of subsidized EHR technology and services to community medical practices, and in extending hospitals systems’ EHR licenses to managed hospitals within systems
- Assisted hospitals and physician practices in operational aspects of implementing EHR systems, including preparing privacy and security policies and processes, crafting patient portal and remote access agreements, and preparing policies and processes for BYOD and secure texting
- Reviewed and negotiated wide variety of health IT agreements, including electronic health record software, cloud storage, data supplier, value–added reseller, data analytics, and clinical data registry agreements
- Assisted statewide industry association in structuring and preparing various data analytics and data exchange agreements to assist association members in various population health management, quality improvement, and patient support programs
- Represented telemedicine mobile application start–up and company seeking to offer second opinion consultations by nationally–recognized experts in assessing possible corporate structures, business models, and payment options and understanding resulting fraud and abuse, corporate practice of medicine, fee–splitting, reimbursement, data privacy and security, and operational limitations and requirements
- Assisted clients in preparing multistate analyses of corporate practice of medicine and fee splitting laws, physician and other practitioner licensure and scope of practice requirements, and available payment for services provided through telemedicine technologies
- Counseled wide variety of provider clients and business associates on whether specific data breach circumstances require breach notification under HIPAA and applicable state data breach laws, identified mitigation strategies, and assisted with reporting obligations
- Represented hospitals, physicians, and business associates in responding to data breaches and Office for Civil Rights investigations
- Assisted substance use disorder providers in responding to subpoenas for substance abuse disorder records and in updating release of information forms and policies to conform to changing requirements of 42 CFR Part 2
- Counseled data analytics start–up on regulatory implications of licensing de–identified health data from organizations and sub–licensing such de–identified data sets to research organizations seeking large data sets
Healthcare Corporate, Regulatory, and Licensure Matters
- Assisted providers in addressing questions about Paycheck Protection Program, Medicare Provider Relief Fund, and various state and federal regulatory waivers and flexibilities issued during COVID–19 emergency
- Represented dozens of providers in responding to Medicare, Medicaid, and other insurer audits and appeals of recoupment and repayment demands, including Administrative Law Judge hearings
- Represented substance use disorder providers in acquisitions and divestitures and licensure, reimbursement, regulatory compliance, and operational matters
- Assisted national outpatient services provider with Medicaid enrollment issues and matters before pharmacy board
- Assisted physician practices and hospitals in all aspects of medical practice start–ups, divestitures, joint arrangements, and disputes
- Performed compliance review of policies and operational practices of accountable care organization and provided report outlining suggested remediation measures
- Served as local counsel to publicly traded post–acute care companies in acquisitions, refinancings, and state Medicaid enrollments and licensure issues
- Structured management services arrangements for physicians, dentists, chiropractors, and other practitioners to avoid corporate practice of medicine and fee–splitting concerns
Education
- Boston College Law School, JD
- Haverford College, BA, English, with honors
Admissions
- North Carolina
- Illinois
Clerkships
- Law Clerk, The Honorable Robert W. Cook, Illinois Court of Appeals, Fourth Circuit
- Law Clerk, The Honorable Willis P. Whichard, North Carolina Supreme Court
Practice Areas
- Legal 500 United States, Industry Focus: Healthcare: service providers (2023)
- Fellow, American Bar Foundation
- Chambers USA: America's Leading Lawyers for Business, Healthcare – North Carolina (2016–2023)
- The Best Lawyers in America®, Health Care Law (2009–2024)
- Lawyer of the Year in Raleigh, N.C. for Health Care Law (2020)
- North Carolina Super Lawyers, Health Care (2014–2024), and as one of the “Top 50 Women” attorneys in North Carolina (2015)
- Triangle Business Journal’s Women in Business Award (2012)
- American Health Law Association:
- President (2023–present)
- President Elect (2022–2023)
- President–Elect Designate (July 2021–June 2022)
- Board of Directors (July 2015–present)
- Chair, HIT Practice Group (July 2012–June 2015); Vice Chair (July 2008–June 2012)
- Co–leader, Privacy and Security Compliance and Enforcement Affinity Group, HIT Practice Group (2006–2008)
- North Carolina Bar Association:
- Chair, Health Law Section (2012–2013)
- Health Law Section Council (2006–2009)
- Communications Committee (2002–present)
- Member, American Telemedicine Association
- Member, Health Information Management Systems Society
- North Carolina Healthcare Information and Communications Alliance, Legal Work Group (2006 – present)
- American Health Information Management Association:
- Health Information Exchange Council (2008)
- e–HIM Workgroup on HIM in Health Information Exchange (2007)
- North Carolina Society of Healthcare Attorneys:
- President (2003–2004)
- Board of Directors (2000–2007)
- Member, NC Health Information Exchange Legal and Policy Work Group (2010–2011)
- Co–Chair, Legal Work Group and Implementation Plan Work Group, North Carolina Health Information Security and Privacy Collaboration (HISPC) Project (2006–2009)
- Young Executive Committee, American Heart Association Greater Raleigh Heart Gala (2003)
Highlights from the Firm’s Insights
