Elizabeth Barry Heddleston

As a member of the firm’s Health Law, Cybersecurity & Data Privacy, and Business and Corporate practice groups, Liz Heddleston helps clients navigate the complex legal landscape governing healthcare.

Liz provides practical guidance on regulatory, operational, and corporate issues to medical practices, hospitals, long-term care facilities, and other healthcare organizations. She advises clients on a broad range of healthcare-related matters, including Stark Law and Anti-Kickback Statute matters, contracting and transactional matters, state and federal regulatory compliance, Medicare and Medicaid issues, peer review and credentialing, and corporate and medical staff governance.

Liz specializes in HIPAA compliance and data privacy and is Certified in Healthcare Privacy Compliance (CHPC^®). She counsels clients on day-to-day privacy and security operational issues, the Information Blocking Rule, and other data privacy laws. She regularly advises clients on HIPAA breach response and notification issues, including reporting obligations to the HHS Office for Civil Rights (OCR). She assists clients in drafting, reviewing, and negotiating Business Associate Agreements and other healthcare technology agreements, and helps clients develop and update privacy policies and procedures.

A Bethesda, Md. native, Liz graduated from Davidson College with a B.A. in English and earned her law degree from William & Mary Law School (magna cum laude, Order of the Coif). Prior to law school, Liz worked for five years as a newspaper journalist in Lynchburg, Va.