Ashleigh Giovannini

Thoughtful, creative counsel focused on workable solutions

Ashleigh Giovannini partners with domestic and international health care, digital health, health care innovation and life sciences businesses at all stages of development to:

• Build solid legal and regulatory compliance foundations while balancing risk tolerance and acceleration toward strategic business goals.
• Devise creative approaches to complying with state, federal and international privacy and cybersecurity frameworks for health and other sensitive data.
• Develop and negotiate unique data, technology and health care services contracts to optimize growth.

Ashleigh is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals. She has a clear understanding of emerging privacy and security issues in the health care industry. With this knowledge, Ashleigh makes it a point to deeply immerse herself in the business models of her clients to help them establish sustainable consumer trust while maximizing growth potential.  

Admitted in Arkansas. Not Admitted in Wisconsin.

• Advises clients on federal and state laws and regulations pertaining to health data and consumer privacy and security.
• Counsels foreign and domestic clients on the General Data Protection Regulation (GDPR) and matters pertaining to health data localization, data center location and registration, restrictions on health data use and data subject.
• Manages all aspects of data breach and cybersecurity incident response, including investigation, notification, recovery and mitigation.
• Supports the development of innovative corporate business models for health care providers and technology companies to expand across the United States and abroad.
• Structures and reviews privacy and security documentation, including notices, policies and procedures, consents, authorizations and disclaimers to incorporate federal, state and international rules and regulations.
• Assists clients in drafting and negotiating complex health care technology arrangements, including data licenses, software-as-a-service (SaaS) and platform-as-a-service (PaaS) agreements, service level agreements, business associate agreements, and data use, transfer and processing agreements.

• Managed the expansion of numerous national and international health care clients through the establishment of large-scale management services organization-professional corporation (MSO-PC) models.
• Represented health care providers and technology vendors in negotiating and closing a myriad of multifaceted technology contracts.
• Conducted multiple privacy, security and regulatory compliance gap analyses to inform clients on risk profiles and opportunities to maximize efficiency.
• Successfully devised various billing strategies for clients providing telemedicine, telehealth and virtual care management services in accordance with current procedural terminology (CPT) codes, the Medicare Physician Fee Schedule, state Medicaid provider manuals and other rules set by government and private payers.