This website uses cookies. For more information please contact us or consult our privacy policy.
Your binder contains too many pages, the maximum is 40.
We are unable to add this page to your binder, please try again later.
This page has been added to your binder.

Dena Feldman helps clients from across the health care industry navigate a range of complex regulatory and policy issues.
Ms. Feldman has particular expertise on health privacy issues arising under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Clinical and Economic Health (“HITECH”) Act, and state medical privacy laws. Ms. Feldman also regularly counsels clients on the federal rules and policies governing Medicare and Medicaid, including the new mandates of the Affordable Care Act.
- Assist clients from across the health care industry on compliance with HIPAA, the HITECH Act, and state medical privacy laws.
- Counsel clients on the requirements of the expansion of Medicaid eligibility and other key provisions of the Affordable Care Act.
- Prepared comments on the Medicare Physician Fee Schedule rule on behalf of an industry trade association.
- Advised a Prescription Drug Plan on the federal requirements under Medicare Part D.
- Represented a state agency in appeal of a disallowance involving Medicaid payment for long-term care services in managed care before the U.S. Department of Health and Human Services Departmental Appeals Board.
- Assist clients contemplating major acquisitions in the health care sector with regulatory due diligence efforts.
Pro Bono
- Advise non-profit reproductive health provider on various health care compliance matters.
- Assist a local non-profit organization in its efforts to ensure that the regional affiliate of a national insurance company fulfills its charitable health care obligation to citizens of the National Capital area.
- Advised non-profit advocacy organizations on legislative strategy.
Previous Experience
- U.S. Senate Committee on the Judiciary, Law Clerk (2010)
- Human Rights Campaign, Public Policy Advocate (2005-2008)
March 9, 2018, Covington Digital Health
On March 6, 2018, CMS announced the MyHealthEData initiative, which aims to give patients easier access to and control over their medical records. Announcing the initiative, CMS Administrator Seema Verma laid out a future where individuals will have access to their health data wherever they go and be able to share data with the push...… Continue Reading
January 18, 2018, Inside Privacy
On January 18, the Federal Trade Commission released its annual Privacy and Data Security Update, highlighting its enforcement efforts in 2017. The report discusses significant enforcement efforts in the areas of privacy, data security, credit reporting and financial privacy, international enforcement, children’s privacy, and telemarketing. The report also ...
May 19, 2017, Inside Medical Devices
Last week, the Health Care Industry Cybersecurity (HCIC) Task Force (the “Task Force”) published a pre-release copy of its report on improving cybersecurity in the health care industry. The Task Force was established by Congress under the Cybersecurity Act of 2015. The Task Force is charged with addressing challenges in the health care industry “when...… ...
April 3, 2017, Inside Privacy
The beginning of 2017 has brought a number of HIPAA enforcement actions involving covered entities. These enforcement actions indicate that HHS is continuing recent efforts to step up HIPAA enforcement and levy significant penalties for non-compliance. In January, HHS announced that it had reached a $475,000 settlement with a large health care network for ...
December 23, 2016, Inside Privacy
A new post over on Covington’s eHealth blog discusses HIPAA-related provisions in the Twenty-First Century Cures Act, signed by President Obama on December 13. These provisions direct HHS to consider HIPAA’s effects on mental health treatment and the availability of health data for research purposes. Read the full post here.… Continue Reading
December 23, 2016, Covington Digital Health
On December 13, 2016, President Obama signed the 21st Century Cures Act (“Cures Act”), Pub. L. 114-255, which aims to expand medical research and expedite the approvals of drug therapies for patients. The Cures Act also contains several provisions related to the HIPAA Privacy and Security Rules. None of these provisions make substantive changes to...… Continue ...
October 28, 2016, Covington Digital Health
The Department of Health and Human Services (HHS) recently published guidance on HIPAA requirements governing the use of cloud computing entities, specifically cloud services providers (CSPs). In this guidance, HHS explains that CSPs that create, receive, maintain, or transmit protected health information (PHI) on behalf of a covered entity or business associate ...
October 21, 2016, Inside Medical Devices
The Department of Health and Human Services (HHS) recently published guidance on HIPAA requirements governing the use of cloud computing entities, specifically cloud services providers (CSPs). In this guidance, HHS explains that CSPs that create, receive, maintain, or transmit protected health information (PHI) on behalf of a covered entity or business associate ...
FDA Releases Draft Guidance on Dissemination of Patient-Specific Information by Device Manufacturers
July 7, 2016, Inside Privacy
Last month, the FDA released a draft guidance document on the sharing of patient-specific data associated with medical devices, including information recorded, stored, processed, retrieved, and/or derived from the device. A new post on Covington’s Inside Medical Devices blog discusses the draft guidance and its implications for sharing patient information.… ...
July 7, 2016, Inside Privacy
A new post over on Covington’s eHealth blog discusses a recent enforcement action taken by the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) against Catholic Health Care Services, a business associate under HIPAA, arising out of a stolen iPhone. This recent enforcement action should put business associates...… Continue ...
July 7, 2016, Covington Digital Health
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone. The iPhone...… ...
FDA Releases Draft Guidance on Dissemination of Patient-Specific Information by Device Manufacturers
July 5, 2016, Inside Medical Devices
Last month, the FDA released a draft guidance document on the sharing of patient-specific data associated with medical devices, including information recorded, stored, processed, retrieved, and/or derived from the device. FDA noted that patients increasingly seek to play an active role in their own health care and that providing patients access to information ...
April 28, 2016, Inside Privacy
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has been busy. In addition to its recent efforts to begin audits of covered entities and business associates, OCR has announced a slew of enforcement actions against covered entities for alleged HIPAA violations. Last month, OCR announced two seven-figure settlements...… ...
April 21, 2016, Inside Privacy
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) has begun to audit covered entities and business associates for compliance with HIPAA. A new post on the Covington eHealth blog discusses recent developments in OCR’s efforts to move these audits forward.… Continue Reading
April 21, 2016, Covington Digital Health
Phase 2 HIPAA Audits Underway The HHS Office for Civil Rights (OCR) has begun its effort to audit covered entities and business associates for compliance with HIPAA. We have previously reported on OCR’s preparations for these proactive audits. OCR implemented Phase 1 of the program in 2011 as a pilot program, under which OCR evaluated...… Continue Reading
April 11, 2016, Inside Privacy
A new post on the Covington eHealth blog discusses the new web-based interactive tool released by the FTC, in conjunction with HHS and the FDA, to assist mobile health app developers in navigating applicable federal laws and regulations in the areas of advertising and marketing, medical devices, and data security and privacy. As part of...… Continue Reading
April 7, 2016, Inside Medical Devices
A new post on the Covington eHealth blog discusses the new web-based interactive tool released by the FTC to assist mobile health app developers in navigating applicable federal laws and regulations in the areas of advertising and marketing, medical devices, and data security and privacy.… Continue Reading
April 7, 2016, Covington Digital Health
On April 5, the Federal Trade Commission (FTC), in conjunction with the Food and Drug Administration (FDA) and the Department of Health and Human Services (HHS), released a new web-based interactive tool to assist mobile health app developers in navigating applicable federal laws and regulations in the areas of advertising and marketing, medical devices, and...… ...
April 1, 2016, Covington Digital Health
On February 29, 2016, the Centers for Medicare and Medicaid Services (CMS) issued a State Medicaid Directors Letter (SMDL) that expands the scope of expenditures eligible for the 90 percent federal match for activities to promote the use of a health information exchange (HIE) and the adoption of certified electronic health record (EHR) technology by...… Continue ...
February 26, 2016, Inside Privacy
On Tuesday, February 9, the Substance Abuse and Mental Health Services Administration (SAMHSA) published a proposed rule to update regulations at 42 C.F.R. Part 2 that protect the confidentiality of alcohol and drug abuse patient records. The regulations were originally promulgated in 1975 and last substantively updated in 1987. SAMHSA intends for these ...
January 28, 2016, Inside Privacy
The Senate Judiciary Committee today successfully reported H.R. 1428, the Judicial Redress Act of 2015. However, the bill included an amendment to the House-passed version that has the potential to influence current negotiations between the United States and the European Union to reach a new Safe Harbor agreement. As we previously reported, the Judicial ...
January 6, 2016, Covington Digital Health
Last week, the Centers for Medicare and Medicaid Services (CMS) published a request for information (RFI) seeking public comment regarding areas of certification and testing of health IT as part of the Electronic Health Records (EHR) meaningful use program. Beginning in 2018, participants in the Stage 3 Meaningful Use EHR incentive program must electronically ...
November 19, 2015, Covington Digital Health
While Americans continue the trend towards replacing the traditional phone call with email and texts, health care providers have yet to catch on when interacting with their patients. A recent survey by Nielsen Strategic Health Perspectives found that less than a third of Americans have access to digital communications with their physicians: The survey found...… ...
October 12, 2015, Covington Digital Health
A new post on Covington’s Inside Medical Devices blog discusses a new portal recently launched by HHS seeking questions from mobile health application developers. The platform allows for individuals to both submit and review questions on the HIPAA implications of these mobile health applications. To read the post, click here.… Continue Reading
October 9, 2015, Inside Medical Devices
On October 5, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services launched a new platform to enable developers of mobile health technology, as well as others “interested in the intersection of health information technology and HIPAA privacy protection.” OCR notes that there is currently “an explosion of technology...… Continue ...
November 18, 2014, Global Policy Watch
The mid-term election brings an historic changing of the guard in the health care leadership in Congress. Republicans will take control of the Senate in January and gain key chairmanships. Senior Democrats like Senators Harkin and Rockefeller, and Representatives Dingell and Waxman, who have been leaders on health policy issues for decades, are retiring. ...
May 27, 2014, Inside Medical Devices
The medical device tax is back in the news, after recent congressional efforts to delay or repeal the tax. The most recent efforts arose in the context of the “tax extenders” bill, which extends until the end of 2015 more than 50 tax provisions that are due to expire at the end of 2014. In...… Continue Reading
May 1, 2014, Inside Compensation
Recently, HHS Office of Civil Rights (OCR) announced that it has entered into settlement agreements with two entities following enforcement actions, both arising from stolen laptops that were not encrypted in accordance with the Security Rule. According to HHS, an unencrypted laptop was stolen from a physical therapy center in Springfield, Missouri. The center ...
March 21, 2014, Inside Medical Devices
A recent analyst report indicates that health care organizations and internet-connected medical devices are increasingly vulnerable to cyber-attacks. The Health Care Cyberthreat Report was issued in February 2014 by the SANS Institute, which describes itself as a cooperative research and education organization that is a source of cybersecurity training, security ...
December 9, 2013, Inside Medical Devices
Recently, the Office of Inspector General (OIG) at HHS released a report on the HIPAA enforcement efforts of HHS’s Office for Civil Rights (OCR). Specifically, the OIG looked at whether OCR’s efforts to enforce HIPAA’s Security Rule were adequate. The OIG’s findings may lead to increased enforcement efforts by OCR. Background on the Security Rule...… Continue ...
November 8, 2013, Inside Medical Devices
We have previously discussed the effect of sequestration on FDA user fees. Pharmaceutical and device manufacturers pay these user fees into a fund, which the FDA then draws upon to accelerate approval of new products and devices. However, despite the fact that these funds are paid by private industry and are not derived from general...… Continue Reading
11/07/2013
WASHINGTON, DC, November 7, 2013 — Salix Pharmaceuticals, Ltd., and Santarus, Inc. announced today that the companies have entered into a merger agreement where Salix will acquire all of the outstanding stock of Santarus for $32 in cash per share, for a total value of approximately $2.6 billion. Covington & Burling LLP is advising Salix on both the acquisition ...
October 18, 2013, Inside Medical Devices
We previously reported about the prominent role played by the medical device tax in the government shutdown/debt ceiling negotiations. At various points, repeal of the medical device tax was included in proposed measures to fund the government. When full repeal appeared to be off the table, several sources reported that Congress had considered a two-year...… ...
June 29, 2012, Covington Advisory
September 5, 2011, BNA Product Safety & Liability Reporter