Photo of Kathryn Rattigan

Kathryn M. Rattigan concentrates her practice on data privacy and security counseling. She has expertise in helping clients comply with the Health Insurance Portability and Accountability Act (HIPAA) by reviewing, revising, and implementing necessary policies and procedures for all types of healthcare organizations, ranging from solo practitioners to expansive hospital systems. Ms. Rattigan works with clients to map the types of data they collect and then determine how the information should be secured and protected through appropriate practices, policies and procedures. She also works with clients to handle potential and confirmed data breaches while providing insight into federal regulations and requirements. Read her full bio here.

Last week, Diabetes, Endocrinology & Lipidology Center Inc. (DELC) of West Virginia reached a $5,000 settlement with the Office for Civil Rights (OCR) over  allegations that it failed to provide timely access to a patient’s health records. The OCR alleged that DELC waited more than two years to send a minor’s medical records to their

A class action was filed in Fort Lauderdale, Florida this week against a national telehealth provider, MDLive Inc. (MDLive) for its mobile app’s alleged secret capture of screenshots containing sensitive patient information without restricting access to medical providers who have a legitimate need to view the information. The lawsuit was filed by Utah resident, Joan Richards, who is seeking class certification of a class that she estimates will include thousands of other MDLive users and more than $5 million damages.
Continue Reading Class Action Initiated Against Telehealth Provider for Disclosure of Sensitive Information