Faculty Profile: Stephen Page

Stephen PageK&L Gates LLP
Previous Courses Taught (9)
  • 35th Annual Health Law Forum
  • 34th Annual Health Law Forum
  • 29th Annual Health Law Forum
  • 27th Annual Health Law Forum
  • 26th Annual Health Law Forum
  • 25th Annual Health Law Forum
  • 24th Annual Health Law Forum
  • 23rd Annual Health Law Forum
  • 22nd Annual Health Law Forum

Stephen Page is a partner at the firm's Nashville office and is a member of the Health Care and FDA practice group. 

Stephen has advised a myriad of clients across the health care industry such as telemedicine companies, digital health companies, hospital systems, ambulatory surgery centers, and health care investors. He works with clients on strategic and operational matters including compliance issues related to patient privacy and data security, corporate practice of medicine, Medicare and Medicaid fraud and abuse, and physician self-referral prohibitions. 

Stephen has also served as in-house legal counsel to two investor owned health care companies based in Nashville, Tennessee with operations across the United States. 
He has considerable experience assisting health care clients with matters concerning digital health, telemedicine, and offering practical and strategic advice across various regulatory areas. 

With respect to data privacy and security, Stephen has assisted clients with:

  • Creating HIPAA compliance programs,
  • HIPAA security assessments,
  • HIPAA privacy and security training materials,
  • Negotiation of data ownership rights,
  • Responding to federal and state privacy investigations,
  • Assessing security incidents and data breach reporting under HIPAA and state laws,
  • Creating and negotiating information security addendums,
  • Creating and negotiating HIPAA business associate agreements, HIPAA downstream subcontractor agreements and data use agreements,
  • Advising clients on HIPAA structuring consideration relating to organized health care arrangements and affiliated covered entity relationships,
  • Compliance with HIPAA on de-identification of data and data mining,
  • Negotiating both buy and sell side representations and warranties relating to privacy and data security and due diligence,
  • Day to day HIPAA compliance questions, and
  • While in-house, Stephen served on the company’s HIPAA compliance committee.