Health information privacy and security counsel
Apurva Dharia focuses on health information technology, privacy and security. He helps clients such as pharmacies, hospitals and health systems develop organizational privacy programs, policies and procedures, and provides privacy risk assessments and mitigation strategies for initiatives and incidents that involve the collection, creation, use or storage of personal information such as protected health information (PHI) and personally identifiable information (PII).
Apurva also provides clients with data privacy and security guidance by strategically negotiating and drafting licensing terms and data use agreements that enable clients such as health systems, research universities and pharmaceutical and medical device manufacturers to leverage real-world and research data to develop novel solutions to complex problems.
Prior to joining the firm, Apurva worked as a lead policy analyst at a federally funded not-for-profit organization and as a senior health care analyst at a biotechnology company. In these roles, he developed policy and regulatory language, including for surprise medical billing, price transparency, Medicare new technology add-on payments, HIPAA administrative simplification, 42 CFR Part 2 and more.
Admitted in Maryland. Not admitted in Washington D.C.
Experience in Action
- Advises clients on state, federal and international data privacy and security laws, including GDPR, HIPAA, 42 CFR Part 2, CCPA/CPRA and other state laws governing the confidentiality of personal information, medical records and other forms of sensitive records.
- Drafts and negotiates master research services licensing and collaboration agreements between pharmaceutical manufacturers and artificial intelligence and machine learning-based health care research organizations.
- Assists in the response to security incidents and breaches. Apurva provides guidance to clients regarding compliance with state and federal laws governing data breaches and develops materials to aid in the documentation of the initial investigation, incident response and notifications to state and federal government regulators as well as affected individuals.
- Aids health care providers and hospital systems in the response to subpoenas for patient records, including review and response regarding HIPAA Qualified Protective Orders (QPO) and requests for sensitive health information.
Professional & Civic Activities
- Legal internship with the NIH-National Human Genome Research Institute (NHGRI) Technology Transfer Office (2015)
News & Insights
- University of Maryland School of Law (J.D., 2016)
- Health Law Certificate
- University of Maryland (B.S., 2012)