Ms. Chestler is a shareholder with Baker Donelson in Nashville, Tennessee. She concentrates her practice in privacy, security and records management issues, health care and insurance regulatory compliance; and corporate transactions matters. She joined Baker Donelson after a distinguished career as in-house counsel and privacy officer to several large public and private companies.
Ms. Chestler routinely counsels clients on data privacy and security matters that arise from federal and state laws, including HIPAA, HITECH, GLB, FCRA/FACTA, state data breach laws and the Payment Card Industry (PCI-DSS) requirements. Ms. Chestler also counsels clients on global data protection laws, including the General Data Protection Regulation (GDPR). She has significant experience assisting companies in developing comprehensive privacy and security programs and working with Management to identify risk management issues, many times in anticipation of corporate transactions. She assists clients in identifying, evaluating and managing risks associated with privacy and information security practices of companies and third party service providers.
She routinely drafts and negotiates information security addendum and business associate agreements, develops compliance policies and procedures, and advises clients on data breaches and notification obligations.
Ms. Chestler assists clients with negotiating complex information technology and partnership agreements, including health information exchange (HIE) participation, EHR negotiation, blockchain, adoption and compliance with HITECH and meaningful use requirements, and audits. She has also assisted clients in analyzing and negotiating cloud computing issues and agreements.
Ms. Chestler has counseled providers, managed care organizations, insurers, third-party administrators, self-funded employers and health care specialty organizations on regulatory, compliance and operational issues.