Skip to main content

Kristen A. Marotta

Associate

[email protected]

+1.212.692.6246

Share:

Kristen focuses her practice on health care transactions, regulatory matters, and general contracting. Her experience includes counseling clients on both investing in and exiting from the health care space, drafting compliance plans and policies, facilitating deals and conducting due diligence to assess risk, addressing employment issues for health care entities, and assisting companies with formation and reorganization.

 

Prior to joining Mintz, Kristen was an associate in the health law group in the New York office of a Philadelphia-based national law firm. In that role, she handled a wide variety of compliance inquiries, servicing numerous types of health care providers, including local hospitals and physician practices. Earlier, she was an associate in the health care practice group and a summer associate in the Long Island, New York office of an international law firm, where she was engaged in the health care industry but also represented companies outside of health care in mergers and acquisitions and on general corporate, operational matters.

 

While attending law school, Kristen externed at William & Mary’s Athletic Compliance Office and a Virginia-based national law firm. She also served as a judicial intern to the Hon. Joseph F. Bianco of the US District Court for the Eastern District of New York. Her law school activities included serving as both a member of the William & Mary Business Law Review and a Marshall-Brennan Constitutional Literacy Project fellow.

 

Education

  • William and Mary Law School (JD)
  • University of Michigan (BA, with high distinction)

Recognition & Awards

  • Phi Delta Phi Legal Honor Society
  • James B. Angell Scholar, University of Michigan

Viewpoints

Viewpoint General
On June 28, 2018, California passed the California Consumer Privacy Act (CCPA) and then further amended it on September 23, 2018. CCPA breaks new state law privacy ground, and this post addresses some of the confusion surrounding the exemptions for health information.
Viewpoint General

Latest HIPAA Breach Involves Medical Records Hack of Business Associate

March 6, 2019 | Blog | By Kristen Marotta, Sarah Beth Kuyers

AltaMed Health Services (AltaMed) and California Physicians Services (doing business as Blue Shield of California (BSC)) recently received notice from their business associate, Sharecare Health Data Services (SHDS), of a hack of SHDS’s network that stores patients’ medical records.  The hacker was able to acquire and/or access patients’ protected health information (PHI) contained in the medical records kept by SHDS on behalf of AltaMed and BSC. The breach of AltaMed’s data was discovered on June 22, 2018, and the breach for BSC was discovered a few days later on June 26, 2018. Upon investigation, however, officials determined that both breaches went undetected for over a month and actually began on May 21, 2018.
Viewpoint General

HIPAA and Health Care Data Privacy - 2018 Year-in-Review

January 4, 2019 | Blog | By Sarah Beth Kuyers, Kristen Marotta, Kate Stewart

Today, we’re looking back at HIPAA and other privacy and security developments in 2018.  This past year saw continued HIPAA enforcement (including the largest ever fine for a HIPAA breach), reminders from the OCR on best practices for HIPAA compliance, and updates to state and international privacy and security laws.  We’ll also look ahead to 2019, which could bring several significant changes to HIPAA, such as reducing the burdens for sharing patient information in order to promote care coordination and better patient outcomes.
Viewpoint General

HIPAA Penalties For Failure to Cut Off Access To Former Employee

December 12, 2018 | Blog | By Kristen Marotta

It has been a busy few weeks for HIPAA enforcement. On Tuesday, the Office for Civil Rights announced its third resolution of a HIPAA breach in as many weeks. In this latest matter, OCR announced that Pagosa Springs Medical Center (PSMC), a critical access hospital in Colorado, has agreed to both pay $111,400 to the Office for Civil Rights (OCR) as well as adopt a comprehensive, two-year corrective action plan (CAP) to address and settle potential HIPAA violations.