Browse by Category


GDPR and Health Care


This is a virtual event, accessible online and over the phone. Access instructions will be provided after registration.


This is a complimentary program sponsored by Ankura.

Compliance with the EU General Data Protection Regulation remains a major complication for companies doing business with the EU. Health-care companies in particular struggle with these new demands due to management of sensitive information. Bloomberg Law, privacy counsel, and data security experts will share insights on GDPR requirements impacting the health-care industry, costs of non-compliance and security failures, and strategies for developing data privacy programs.  

Educational Objectives:

• GPDR compliance requirements impacting the health care industry.
• The costs of data privacy and security failures.
• Strategies for developing data privacy programs for GDPR compliance specific to health care.

Who would benefit most from attending this program?

In-house and outside counsel advising companies in the health care industry. 


Brian Annulis
  • Senior Managing Director
  • Ankura

Brian Annulis is a Senior Managing Director at Ankura with more than 25 years of experience helping clients successfully manage complex healthcare compliance and regulatory concerns. He has particular expertise assisting organizations with developing, implementing, maintaining, and assessing compliance programs, and in managing matters implicating the Stark Law and the federal Anti-Kickback Statute. He is based in Chicago.

He has spent his entire professional career counseling and advising healthcare providers, suppliers, practitioners, manufacturers, and health plans. Having served as a former attorney for the Centers for Medicare & Medicaid Services, Brian is well-informed in matters affecting healthcare entities. In addition, he has significant experience in matters involving health information and data privacy.

Deven McGraw
  • Chief Regulatory Officer
  • Ciitizen

Deven McGraw is the Chief Regulatory Officer for Ciitizen. Prior to joining Ciitizen, she directed U.S. health privacy and security policy through her roles as Deputy Director for Health Information Privacy at the HHS Office for Civil Rights (the office that oversees HIPAA policy and enforcement) and Chief Privacy Officer (Acting) of the Office of the National Coordinator for Health IT. Deven also advised PCORNet (the Patient Centered Outcomes Research Network), as well as the federal All of Us Research Initiative, on HIPAA and patient-donated data research initiatives.

Colin J. Zick
  • Partner, Co-Chair, Healthcare Practice and Chair, Privacy & Data Security Practice
  • Foley Hoag

Colin Zick’s practice is focused on health care and compliance issues, and often involves the intersection of those two subjects in investigations, administrative proceedings or litigation. His work has had a particular emphasis on compliance issues related to life sciences, pharmaceutical and medical device companies, laboratories, hospitals, providers, and provider organizations. This compliance work includes helping clients establish and maintain effective compliance programs. Colin also defends clients in disputes alleging kickbacks, overpayments, and billing and coding problems, and represents clients before state health care licensing and regulatory entities.

Continuing Education

1.0 General COA, 1.0 CLE
A basic understanding of privacy and health care issues.
Production Date: