W. Reece Hirsch

Partner

W. Reece Hirsch co-heads the firm’s privacy and cybersecurity practice and counsels clients on a wide range of US privacy issues, specializing in healthcare privacy and digital health. Reece counsels clients on development of privacy policies, procedures and compliance programs, security incident planning and response, and online, mobile app, and Internet of Things privacy. In a Chambers USA ranking, Reece was recognized by his peers as “a consummate expert in privacy matters.”

insight

Complying with Newly Finalized CCPA Regulations

in the news

Q&A: With CCPA Enforcement Set to Begin Wednesday, Morgan Lewis Privacy Partner Weighs in, Reuters

video

Trailer: Responding to and Preventing Healthcare Data Breaches, Lawdition

Data breaches caused by cyberattacks and other incidents are so common today that in-house counsel spend much of their time worrying about them, particularly in the healthcare space where data breaches can include disclosure of personal health information regulated by state and federal laws including the Health Insurance Portability and Accountability Act (HIPAA). This course provides timely, actionable advice for in-house counsel that includes the 5 things you can start doing today to help prevent data breaches and better prepare your company to respond to them if they do occur.

Extended Profile

Reece has experience regarding the California Consumer Privacy Act and has written and spoken extensively on that subject. He edits and contributes to Bloomberg Law’s California Privacy Profile summarizing the state’s privacy and security laws.

Reece counsels clients in healthcare privacy and security matters, such as compliance with the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act, state medical privacy laws, and Federal Trade Commission standards applicable to digital health companies. He has represented clients from all sectors of the healthcare industry on privacy and security compliance, including health plans, insurers, hospitals, physician organizations, and healthcare information technology, digital health, pharmaceutical, and biotech companies. Reece also advises clients on privacy issues raised by the coronavirus (COVID-19) pandemic, including those relating to workplace testing, HIPAA waivers and enforcement discretion, contact tracing, telehealth, and work-from-home and return-to-work policies.

Reece is also an experienced healthcare regulatory and transactional attorney, advising healthcare providers and health plans on fraud and abuse, self-referral and licensing matters. He has served as lead transaction counsel on the sale and acquisition of hospitals, medical groups, clinics, and other healthcare organizations. Reece guides clients through corporate matters relating to the formation and ongoing representation of independent practice associations, medical groups, management services organizations, integrated delivery systems, and healthcare technology companies.

The International Association of Privacy Professionals has designated him a Certified Information Privacy Professional.

Reece also served on an advisory group to the California Department of Justice that developed a 2013 policy guide on the detection, prevention, and response to medical identity theft for providers implementing electronic health records systems. He previously served on a similar advisory group to the California Office of Privacy Protection that developed security breach response recommended practices.

Reece is a member of the editorial advisory boards of Healthcare Informatics and Briefings on HIPAA.

In 2009, Nightingale’s selected Reece as an Outstanding Healthcare Information Technology Lawyer.

On a volunteer basis, Reece serves on the board of directors of the Valentino Achak Deng Foundation, which has founded and operated the Marial Bai Secondary School and the Alok Girls’ Academy in South Sudan.