Liz Heddleston is a member of the firm’s Health Law, Cybersecurity & Data Privacy, and Business and Corporate practice groups.

Liz helps clients navigate the complex legal landscape governing healthcare. She provides practical guidance on regulatory, operational, and corporate issues to medical practices, hospitals, long-term care facilities, and other healthcare organizations. Liz advises clients on a broad range of healthcare-related matters, including Stark Law and Anti-Kickback Statute matters, contracting and transactional matters, state and federal regulatory compliance, Medicare and Medicaid issues, peer review and credentialing, and corporate and medical staff governance.

Liz specializes in HIPAA compliance and data privacy, counseling clients on day-to-day privacy and security operational issues, the Information Blocking Rule, and other data privacy laws. She regularly advises clients on HIPAA breach response and notification issues, including reporting obligations to the HHS Office for Civil Rights (OCR). She assists clients in drafting, reviewing, and negotiating Business Associate Agreements and other healthcare technology agreements, and helps clients develop and update privacy policies and procedures.

A Bethesda, Md. native, Liz graduated from Davidson College with a B.A. in English and earned her law degree from William & Mary Law School (magna cum laude, Order of the Coif). During law school, Liz was a member of the William & Mary Law Review and served as a fellow for the Center for Legal & Court Technology. Prior to law school, Liz worked for five years as a newspaper journalist in Lynchburg, Va.