• vcard
D 314.889.7013
F 314.667.3698
  • Education
    • J.D., Saint Louis University, 2008, Journal of Health Law, Executive Articles Editor; Health Care Finance & Business Planning Academic Excellence Award
    • M.P.H., Saint Louis University, 2008, Health Policy; The Alumni Association Academic Achievement Award
    • B.S., University of Notre Dame, 2004

In a regulatory environment where even the most minor details matter, Rebecca Frigy Romine thrives on helping clients find practical and creative solutions and action plans.

Her practice focuses on many facets of the general health care business with a specific emphasis on the privacy and security of health information and medical staff issues.

Rebecca has significant experience in and frequently writes on these topics and remains abreast of regulatory changes and best practices that develop in the following areas:

  • Addressing compliance issues and developing policies and procedures under HIPAA, the HITECH Act, state law, and 42 CFR Part 2 (alcohol and drug abuse treatment records)
  • Negotiating business associate agreements
  • Assisting clients navigate issues related to electronic health records, including the meaningful use program requirements and issues specific to health information exchanges
  • Assisting clients with medical staff bylaws interpretations and revisions to ensure compliance with The Joint Commission standards and to address medical staff operational challenges

Rebecca regularly assists our M&A and transactions teams with diligence, transactional documentation and considerations, transition services agreements, and post-closing compliance considerations and tasks.  Her experience is deep across the spectrum of types of health care providers, which includes hospitals. These efforts include:

  • Reviewed HIPAA privacy and security diligence and interviewed target’s subject matter experts to assess HIPAA compliance and quantify risk associated with any non-compliance. 
  • Coordinated with representations and warranties insurers to evaluate risk related to privacy and security compliance issues. 
  • In at least one instance, successfully negotiated terms of a purchase agreement related to indemnification after target’s non-compliance with HIPAA almost prevented transaction from closing. 
  • Assist clients with negotiating and operationalizing post-closing transitional services agreements, which in one instance involved addressing integrated electronic health record issues where certain aspects of the records were considered excluded assets.
  • Assist clients with implementing HIPAA compliance programs post-closing.
  • Interpretation of state patient privacy and consent for disclosure laws and their application to health information exchange consent structure.
  • Survey of various state laws related to patient privacy and related HIPAA preemption analysis. 
  • Assisted a client in responding to an OCR investigation request.
  • Prepare and draft HIPAA policies and procedures and compliance documents for covered entities and business associates of various sizes.
  • Assisted a web-based business associate client in HIPAA workforce training.
  • Assisted clients in potential HIPAA breach investigation and required notifications.
  • Assisted a health system client in governance, policy, and document review needs for the creation of a health information exchange partnership with another health system.
  • Assisted a health system client in developing a model set of medical staff bylaws to be used system-wide by each hospital.
Related News

Past Events