James B. Wieland is a principal in Ober|Kaler’s Health Law and Intellectual Property Groups and leads the Health Care Information Privacy, Security and Technology practice. Jim’s practice is focused on privacy and security issues, particularly those related to state and federal laws regarding health care information (PHI) and personal information (PI). Jim began working in the area of HIPAA with the publication of the initial draft Privacy Rule in 1999 and has continued to help his clients comply with all aspects of HIPAA’s privacy and security requirements, and specifically HIPAA Breach prevention and HIPAA reporting as those issues have evolved. His practice involves both regulatory compliance and technology contracting involving the information assets of his clients, such as technology outsourcing. He has helped clients develop client and vendor information privacy and security planning as well as deal with data breaches implicated by state laws relating to PI.
Jim represents a wide array of entities including hospitals and health systems, physician organizations and third parties that provide services or information technology involving access to PHI and PI. He has significant experience in the representation of data registries and health information exchanges (HIE) and in the area of Business Process Outsourcing (BPO). Jim applies his intellectual property law experience to client representation involving protected or proprietary data such as negotiating issues related to de-identification or aggregation of PHI or PI or the development of new business processes, software or other protectable property in the course of third party contractor relationships.
As the health care system moves to population health management under Accountable Care Organizations (ACO) and under governmental and private payer initiatives, Jim brings his experience with laws and regulations affecting PHI and PI, which are key to those initiatives. This assistance enables clients to develop new, legally compliant, sources of legally protected information.
Jim also serves as Privacy Officer for Ober|Kaler. In this capacity he develops HIPAA policies for the security and privacy of medical and personal information as well as for other privileged and confidential client information.
In 2006, Maryland’s then-Governor Robert Ehrlich appointed Jim to the Task Force to Study Electronic Health Records, a blue ribbon panel reporting directly to the Maryland legislature on Electronic Health Records (EHR), e-Prescribing and Regional Health Information Organizations. He was subsequently designated as the lead person for the EHR workgroup within the Task Force.
Jim was a member of Ober|Kaler from 1979 to 1989. In 1999, he returned to the firm after practicing health care law in Silicon Valley in the San Francisco Bay Area where he gained significant experience in the representation of health care companies as a partner in a large national law firm.
Jim is a frequent lecturer on health care regulatory topics and served as an associate member of the faculty of Johns Hopkins University, where he taught negotiation skills in the University’s MBA program. He has published numerous articles on health care topics and is the author of “Medicare Part B Reimbursement for Physicians” in the Clark Boardman treatise Health Law Practice Guide and Managed Care and Capitation Contracting, a book published by the American Society of Internal Medicine.
- American Bar Association
- American Health Lawyers Association
- Board of Directors, Past Member
- Health Information Management Manual, 3rd Edition
- Editorial Board
- Healthcare Information and Management Systems Society (HIMSS)
- Legal Task Force, Chair
- Listed in The Legal 500, 2012
- Selected by Nightingale’s Healthcare News as one of the Outstanding Healthcare IT Lawyers for 2009 and as one of the Outstanding Physician Practice Lawyers for 2006
- Presenter, "HIPAA Audits Have Arrived (Again): How Covered Entities and Business Associates Can Prepare for OCR HIPAA Audits Phase 2," Webinar, Ober|Kaler and CynergisTek, 2016
- Presenter, "Cloud Computing & Health Care Organizations - Critical Privacy & Security Issues," Webinar, Ober|Kaler and CynergisTek, 2015
- Presenter, "Creating Stable Security and Compliance Relationships Between Health Care Organizations and Vendors," Webinar, Ober|Kaler and CynergisTek, 2015
- Presenter, "Develop Best Practices to Navigate Stage 2 Attestation and Avoid Penalties Under Stage 3 Regulation," Meaningful Use Audit & Compliance Conference, GHP Network, 2015
- Presenter, "Data Breaches in Healthcare: Responding to the Growing Threat of Cyber Attacks," Webinar, Strafford Publications, 2015
- Presenter, "Evaluating Open Source Software Licenses," Annual Conference, HIMSS, 2015
- Presenter, "Business Associates Update," National HIPAA Summit, Global Health Care, LLC, 2015
- Presenter, "Business Associates and the Omnibus Rule," Safeguarding Health Information: Building Assurance through HIPAA Security, HHS Office for Civil Rights (OCR) and the National Institute of Standards and Technology (NIST), 2014
- Presenter, "Preparing for a HIPAA Breach - Tips from the Trenches," Podcast, Ober|Kaler, 2014
- Presenter, “Preparing for the HITECH September Deadline - Tips for Negotiating Effective Business Associate Agreements under HIPAA,” Webinar, Ober|Kaler 2014
- Presenter, “Compliance and Your Billing Contract,” Annual Compliance Conference, Healthcare Billing & Management Association, 2014
- Presenter, “HIPAA Compliance: Stepping It Up in 2014,” Annual Conference, HIMSS, 2014
- Presenter, “Foundations in HIPAA - Building Blocks of Health Law,” Webinar, Ober|Kaler Health Care General Counsel Institute, 2014
- Presenter, “HIPAA/HITECH Act Rules Governing the Secondary Use of Patient Information-The Money and Challenges,” Security & Privacy Intelligence for Health Care Conference, World Congress, 2013
- Presenter (with Leon Rodriguez, Director of the Office of Civil Rights of the Department of Health and Human Services), " A Dialogue On HIPAA/HITECH Compliance: Considerations Now That the HITECH Regs Are Here," HIMMS 13, Healthcare Information and Management Systems Society (HIMSS), 2013
- Co-chair, speaker and moderator, “Analyzing Health Care Privacy and Security Challenges vis-à-vis the Evolving Concept of Health Information Exchanges,” 3rd Annual Health Care Privacy and Security Forum, American Conference Institute, 2013
- Presenter, “The Health IT Legal Landscape: Policy Changes & Practical Examples in a Post-Omnibus Privacy Rule World,” Government Health IT Conference, Healthcare Information and Management Systems Society (HIMSS), 2013
- Co-author, “HHS Overhaul of HIPAA: Summary of New Obligations for Covered Entities and Business Associates,” Maryland State Bar Association Section of Labor and Employment Newsletter, 2013
- Presenter, "HITECH and HIPAA: The Final Rule," Webinar, Ober|Kaler Health Care General Counsel Institute, 2013
- Presenter (with Leon Rodriguez, Director of the Office of Civil Rights of the Department of Health and Human Services), "HIPAA Privacy and Security Regulations," HIMMS 12, Healthcare Information and Management Systems Society (HIMSS), 2012
- Presenter, "The Supreme Court ACA Case: Implications for Health IT," Webinar, Healthcare Information and Management Systems Society (HIMSS), 2012
- Presenter, “HIE in Practice: Questions Physicians Are Asking,” Webinar, American Medical Association, 2012
- Presenter, “Social Media, Health Care Privacy and Your Employees: 7 Tips to Avoid HIPAA Violations and Employee Claims,” Webinar, Ober|Kaler, 2011
- Presenter, “Legal Roadmap for Providing Technological Support: Avoiding Hidden Dangers,” ThinkLab ’11, Clinical Laboratory Management Association, 2011
- Co-chair and Speaker, "Business Associates and HITECH Changes," 18th National HIPAA Summit, 2010
- Presenter, “Practical Steps to Prepare for the HITECH Act: What Healthcare Providers Need to Know,” Health Care Information Division Audio Seminar, BNA, 2009
- Presenter, “Electronic Medical Records: Minimizing Legal Risks and Liabilities,” Teleconference, Health Law Week, Hospital Litigation Reporter and New York Health Law Update, 2009
- Presenter, “Legal Knowledge Base for Owners and Managers,” Health Care Billing and Management Association, 2008
- Presenter, “HIPAA Privacy and Security – Heightened Enforcement,” Stafford Legal Teleconferences, 2008
- Presenter, “Making the Right Call: Assessing Electronic Medical Records Systems,” The Beacon Institute / LifeSpan Annual Conference, 2008
- Presenter, “Coding and the Law,” American College of Medical Coding, 2008
- Presenter, “HIPAA Fundamentals,” American Bar Association, Section of Health Law, 2008
- Presenter, “The Federal Trade Commission’s Red Flags Rule,” The Radiology Business Management Association, 2008
- Presenter, “Privacy and Security of Electronic Health Information: HIPAA and Beyond,” Decision Health, 2008
- Co-author with E. Scott Johnson, “Technology Agreements: HIPAA Negotiation Points for Software Licenses,” RBMA Bulletin, 2002
- Co-author with Howard L. Sollins, “HIPAA Alert: It's April 14th, 2003! Do You Know Where Your 'PHI' Is?” The Aegis Report, 2002
- Author, “Medicare Part B Payment for Physician Services,” Chapter in Health Law Practice Guide, Clark Boardman Callaghan (revised annually)
- Author, “Internists’ Guide to Managed Care and Capitation Rates,” American Society of Internal Medicine, 1995