Thoughtful, creative counsel focused on workable solutions
Ashleigh Giovannini partners with domestic and international health care, digital health, health care innovation and life sciences businesses at all stages of development to:
- Build solid legal and regulatory compliance foundations while balancing risk tolerance and acceleration toward strategic business goals.
- Devise creative approaches to complying with state, federal and international privacy and cybersecurity frameworks for health and other sensitive data.
- Develop and negotiate unique data, technology and health care services contracts to optimize growth.
Ashleigh is a Certified Information Privacy Professional (CIPP/US) through the International Association of Privacy Professionals. She has a clear understanding of emerging privacy and security issues in the health care industry. With this knowledge, Ashleigh makes it a point to deeply immerse herself in the business models of her clients to help them establish sustainable consumer trust while maximizing growth potential.
Admitted in Arkansas. Not Admitted in Wisconsin.
Experience in Action
- Advises clients on federal and state laws and regulations pertaining to health data and consumer privacy and security.
- Counsels foreign and domestic clients on the General Data Protection Regulation (GDPR) and matters pertaining to health data localization, data center location and registration, restrictions on health data use and data subject.
- Manages all aspects of data breach and cybersecurity incident response, including investigation, notification, recovery and mitigation.
- Supports the development of innovative corporate business models for health care providers and technology companies to expand across the United States and abroad.
- Structures and reviews privacy and security documentation, including notices, policies and procedures, consents, authorizations and disclaimers to incorporate federal, state and international rules and regulations.
- Assists clients in drafting and negotiating complex health care technology arrangements, including data licenses, software-as-a-service (SaaS) and platform-as-a-service (PaaS) agreements, service level agreements, business associate agreements, and data use, transfer and processing agreements.
- Managed the expansion of numerous national and international health care clients through the establishment of large-scale management services organization-professional corporation (MSO-PC) models.
- Represented health care providers and technology vendors in negotiating and closing a myriad of multi-faceted technology contracts.
- Conducted multiple privacy, security and regulatory compliance gap analyses to inform clients on risk profiles and opportunities to maximize efficiency.
- Successfully devised various billing strategies for clients providing telemedicine, telehealth and virtual care management services in accordance with current procedural terminology (CPT) codes, the Medicare Physician Fee Schedule, state Medicaid provider manuals and other rules set by government and private payers.
Professional & Civic Activities
- International Association of Privacy Professionals, certified information privacy professional (CIPP/US)
- State Bar of Arkansas, member
- American Health Law Association, member
- American Bar Association, member
- American Telemedicine Association, member
- Junior League of Memphis, member
- Refugee Empowerment Program, volunteer
- Certified Information Privacy Professional (CIPP/US), International Association of Privacy Professionals
News & Insights
- SeminarGlacier Canyon Lodge, Wilderness Resort
- WebinarWomen's Health Month Webinar Series: Post-Dobbs
- WebinarWomen's Health Month Webinar Series: Post-Dobbs Webinar
- Article"Cybersecurity Risks for Healthcare Enterprise"Enterprise Risk Management Handbook for Healthcare Entities, Fourth Edition American Health Lawyers Association & American Society of Healthcare Risk Management
- Summer 2022Article"Artificial Intelligence: A Legal Landscape"Laws of Medicine: Core Legal Aspects for the Healthcare Professional, Springer
- Presentation"Privacy and Security for Connected Health: The Good, The Bad, and the Futuristic"Health Care Compliance Association
- Podcast"Privacy and Security Frameworks for Connected Devices and the Internet of Medical Things"Decoding Healthcare Innovation
- Article"Laws of Medicine: Core Legal Aspects for the Health Care Professional"Springer
- Presentation"Privacy Earthquakes: Preparing for Seismic Shifts in the Data Privacy Landscape"Women in Cybersecurity, Tennessee Affiliate
- Fall 2019Article"The Law and Social Determinants of Health: A Clinical Study of Orthopedic Outpatients"Suffolk University Law School Journal of Health and Biomedical Law
- Saint Louis University (LL.M., 2021)
- Health Law and Policy Faculty Fellow
- University of Arkansas School of Law (J.D., 2019)
- Dean’s List
- Health Law Society Founder
- Medico-Legal Academic Achievement
- University of Arkansas (B.A., 2016)