Innovative, practical counsel for privacy and strategic goals
Meghan O'Connor provides strategic counsel in the areas of data privacy and cybersecurity, regulatory compliance, information governance, commercial contracting and transactions, with particular attention to companies managing health and other personal data. She advises on:
- Innovative arrangements to leverage data and achieve strategic goals while managing risk.
- Compliance program development with operationally feasible practices in light of ever-evolving privacy and security laws.
- Implementing emerging technologies, including artificial intelligence (AI), as well as developing commercialization strategies.
- Transaction support, including diligence, risk management, and data and IT integration.
- Privacy and security incident preparedness and response through all phases of recovery, including business continuity, breach notification and government investigation.
Meghan believes good privacy and security can drive market growth, consumer trust and strategic opportunities for companies at all stages of development. She leverages over a decade of experience to help her clients navigate complex regulatory requirements.
Meghan is a Certified Information Privacy Professional (CIPP/US) by the International Association of Privacy Professionals. She is chair of the Data Privacy & Security team and serves as Milwaukee office chair of the Health & Life Sciences Practice Group.
Experience in Action
- Advises clients on the development and negotiation of novel and disruptive arrangements and partnerships, complex data sharing initiatives, innovative health and IT solutions, and new technologies.
- Structures and reviews information privacy and security compliance programs to support clients’ business goals while remaining competitive, proactive in managing vendor and workforce risk, and prepared for data incidents.
- Provides strategic advice to clients ranging from startups to Fortune 10 companies on the patchwork of federal and state privacy laws and industry standards, particularly HIPAA, the HITECH Act, the 21st Century Cures Act, FERPA, the Privacy Act, 42 CFR Part 2, biometric and other sensitive data laws, and state breach and comprehensive privacy laws.
- Manages all aspects of data breach and cybersecurity incident response. Meghan helps with investigation, notification, recovery, mitigation, government investigation (e.g., federal regulators such as the HHS Office for Civil Rights and state attorneys general) and successfully resolving and avoiding enforcement actions.
- Advises clients on the development of health care business transactions, effective uses of clinical and claims data to support value-based reimbursement arrangements and negotiation of managed care contracts.
Successes
- Assisted with development and implementation of privacy and security programs for AI, cloud services, technology startups, vertically integrated health systems, self-funded health plans, payers, telehealth and connected platforms, and professional sports teams.
- Advised a multinational company on big data strategy, including de-identification and data use cases to bridge the gap between legal requirements and opportunities to maximize value.
- Structured complex data sharing arrangements for health information exchanges, technology companies, pharmaceutical industry and health care providers, including analyzing the patchwork of applicable laws and consumer notice and consent models, and preparing corresponding agreements and operating policies.
- Conducted privacy and security diligence, negotiated transaction documents to manage risk and coordinated remediation on behalf of buyers, sellers and investors in health care and commercial transactions.
- Managed incident response and recovery for a wide range of clients, including health care providers, universities, information technology companies, health plans and employers, including successfully responding to federal and state government investigations without penalty.
Capabilities
- Health & Life Sciences
- Health Information Technology, Privacy and Security
- Hospitals and Health Systems
- Health Care Transactions
- Pharmacy, Drug and Device
- Telehealth
- Data Privacy & Security
- Higher Education
- Artificial Intelligence
- Health Insurance Industry Partners (PBMs, TPAs, DMPOs and URAs)
- Provider and Physician Groups
- Research Institutions & Higher Education
- Sports, Entertainment and Media Industry
- Technology Transfer
Professional Recognitions
- Best Lawyers in America® (2019-present: Health Care Law)
- Wisconsin Super Lawyers® "Rising Stars" (2018-present: Healthcare)
- Wisconsin Law Journal "Up and Coming Lawyer" (2016)
- State Bar of Wisconsin, commendation for writing excellence, (2013)
- Milwaukee Bar Association Pro Bono Publico Award (2009)
Professional & Civic Activities
- Medical College of Wisconsin, Institutional Review Board, past member
- Wisconsin Humane Society, board of directors
- HIPAA Collaborative of Wisconsin, board member; Privacy Discussion Group, co-chair
- International Association of Privacy Professionals, member
- Milwaukee Bar Association, member; Health Law Section, former co-chair
- American Health Law Association, member
- American Bar Association, member
- State Bar of Wisconsin, member
- National Association of College and University Attorneys, member
- American Society for Pharmacy Law, member
News & Insights
Education
- Northwestern University, Kellogg School of Management, Certificate, Quarles & Brady Leadership Program (2018)
- Marquette University Law School (J.D., cum laude, 2010)
- Marquette Elder’s Advisor (NKA Marquette Benefits & Social Welfare Law Review), editor-in-chief
- Lawrence University (B.A., magna cum laude, 2005)
Bar Admissions
- Wisconsin