Skip to Main Content
Gina Ginn Greenwood, JD, CIPP/US

Gina Ginn Greenwood, JD, CIPP/US

Partner, Lead of Data Protection, Privacy, and Security Practice

Atlantic Station
201 17th Street NW
Suite 1700
Atlanta, GA 30363
125 Plantation Centre Drive, South
Building 900, Suite B
Macon, GA 31210
gina.greenwood@nelsonmullins.com

Gina is the current chair of the Nelson Mullins Data Privacy, Security, and Breach practice group and the co-chair of the Nelson Mullins Data Breach Response and Investigation Team. Gina has a 20-year career in data privacy and healthcare law, practicing her entire career at three different AmLaw 100 law firms. Prior to transitioning to Nelson Mullins, she...

Gina is the current chair of the Nelson Mullins Data Privacy, Security, and Breach practice group and the co-chair of the Nelson Mullins Data Breach Response and Investigation Team. Gina has a 20-year career in data privacy and healthcare law, practicing her entire career at three different AmLaw 100 law firms. Prior to transitioning to Nelson Mullins, she previously developed and chaired the Breach Team at another AmLaw 100 law firm for over eight years. 

Gina has represented clients in hundreds of matters involving data protection, privacy, and cybersecurity. She focuses on the investigation, response, notification, and defense of data breaches; HIPAA Privacy and Security Rule compliance; Red Flag Rules compliance; Genetic Information Nondiscrimination Act (GINA) compliance; 42 C.F.R. Part 2 federal alcohol and drug abuse privacy compliance, Federal Trade Commission (FTC) Act privacy/security compliance, PCI DSS Standards Compliance; Gramm-Leach-Bliley Act (GBLA) privacy compliance; General Data Protection Regulation (GDPR) compliance; Family Educational Rights and Privacy Act (FERPA) compliance, and state consumer protection privacy, security and breach notification laws. She is approved cyber incident and investigations counsel for two of the largest insurance carriers in the world.

She is a recognized authority in Emergency Medical Treatment and Labor Act (EMTALA) compliance, investigations, hearings, and survey responses; fraud and abuse compliance plans, Joint Commission, and licensure compliance; reimbursement issues; contract drafting and general business advice; and many other regulatory and compliance matters pertinent to large and small businesses, device/pharmaceutical manufacturers, and healthcare entities.

Gina has authored numerous data privacy/security and healthcare materials including HIPAA Privacy and Security policy manuals, licensure policy manuals, Internet-based employee training modules, and fraud and abuse compliance plans/programs. She is a frequent speaker at data security tabletops and speaks often on the topics of managing ransomware attacks, HIPAA and EMTALA compliance, data breaches, and various other privacy and healthcare topics.

Gina was selected by the U.S. Commission on Civil Rights as a national EMTALA legal professional and provided oral testimony for a U.S. Commission on Civil Rights (USCCR) hearing in Washington, D.C. and corresponding written testimony, which was included in the USCCR "Patient Dumping" report as Congressional testimony to the President of the United States and the United States Congress (submitted September 2014).

Gina is very active in her community and church and has served on numerous philanthropic/nonprofit fundraising committees and boards of directors, including service to organizations like Goodwill and to the Campus Clubs Ministries, which is committed to supporting impoverished children who live in gang infested neighborhoods, assisting the children in developing social and educational skills through one-on-one mentoring, after-school and summer tutoring, and other active support programs. Gina believes change starts with changing herself and then trying to help those less fortunate one child at a time. The Greenwoods served as host family (in a child fostering-type program) to the Masonic Home of Georgia.

Gina Ginn Greenwood, JD, CIPP/US

previously developed and chaired the Breach Team at another AmLaw 100 law firm for over eight years. 

Gina has represented clients in hundreds of matters involving data protection, privacy, and cybersecurity. She focuses on the investigation, response, notification, and defense of data breaches; HIPAA Privacy and Security Rule compliance; Red Flag Rules compliance; Genetic Information Nondiscrimination Act (GINA) compliance; 42 C.F.R. Part 2 federal alcohol and drug abuse privacy compliance, Federal Trade Commission (FTC) Act privacy/security compliance, PCI DSS Standards Compliance; Gramm-Leach-Bliley Act (GBLA) privacy compliance; General Data Protection Regulation (GDPR) compliance; Family Educational Rights and Privacy Act (FERPA) compliance, and state consumer protection privacy, security and breach notification laws. She is approved cyber incident and investigations counsel for two of the largest insurance carriers in the world.

She is a recognized authority in Emergency Medical Treatment and Labor Act (EMTALA) compliance, investigations, hearings, and survey responses; fraud and abuse compliance plans, Joint Commission, and licensure compliance; reimbursement issues; contract drafting and general business advice; and many other regulatory and compliance matters pertinent to large and small businesses, device/pharmaceutical manufacturers, and healthcare entities.

Gina has authored numerous data privacy/security and healthcare materials including HIPAA Privacy and Security policy manuals, licensure policy manuals, Internet-based employee training modules, and fraud and abuse compliance plans/programs. She is a frequent speaker at data security tabletops and speaks often on the topics of managing ransomware attacks, HIPAA and EMTALA compliance, data breaches, and various other privacy and healthcare topics.

Gina was selected by the U.S. Commission on Civil Rights as a national EMTALA legal professional and provided oral testimony for a U.S. Commission on Civil Rights (USCCR) hearing in Washington, D.C. and corresponding written testimony, which was included in the USCCR "Patient Dumping" report as Congressional testimony to the President of the United States and the United States Congress (submitted September 2014).

Gina is very active in her community and church and has served on numerous philanthropic/nonprofit fundraising committees and boards of directors, including service to organizations like Goodwill and to the Campus Clubs Ministries, which is committed to supporting impoverished children who live in gang infested neighborhoods, assisting the children in developing social and educational skills through one-on-one mentoring, after-school and summer tutoring, and other active support programs. Gina believes change starts with changing herself and then trying to help those less fortunate one child at a time. The Greenwoods served as host family (in a child fostering-type program) to the Masonic Home of Georgia.

Gina is the current chair of the Nelson Mullins Data Privacy, Security, and Breach practice group and the co-chair of the Nelson Mullins Data Breach Response and Investigation Team. Gina has a 20-year career in data privacy and healthcare law, practicing her entire career at three different AmLaw 100 law firms. Prior to transitioning to Nelson Mullins, she... previously developed and chaired the Breach Team at another AmLaw 100 law firm for over eight years. 

Gina has represented clients in hundreds of matters involving data protection, privacy, and cybersecurity. She focuses on the investigation, response, notification, and defense of data breaches; HIPAA Privacy and Security Rule compliance; Red Flag Rules compliance; Genetic Information Nondiscrimination Act (GINA) compliance; 42 C.F.R. Part 2 federal alcohol and drug abuse privacy compliance, Federal Trade Commission (FTC) Act privacy/security compliance, PCI DSS Standards Compliance; Gramm-Leach-Bliley Act (GBLA) privacy compliance; General Data Protection Regulation (GDPR) compliance; Family Educational Rights and Privacy Act (FERPA) compliance, and state consumer protection privacy, security and breach notification laws. She is approved cyber incident and investigations counsel for two of the largest insurance carriers in the world.

She is a recognized authority in Emergency Medical Treatment and Labor Act (EMTALA) compliance, investigations, hearings, and survey responses; fraud and abuse compliance plans, Joint Commission, and licensure compliance; reimbursement issues; contract drafting and general business advice; and many other regulatory and compliance matters pertinent to large and small businesses, device/pharmaceutical manufacturers, and healthcare entities.

Gina has authored numerous data privacy/security and healthcare materials including HIPAA Privacy and Security policy manuals, licensure policy manuals, Internet-based employee training modules, and fraud and abuse compliance plans/programs. She is a frequent speaker at data security tabletops and speaks often on the topics of managing ransomware attacks, HIPAA and EMTALA compliance, data breaches, and various other privacy and healthcare topics.

Gina was selected by the U.S. Commission on Civil Rights as a national EMTALA legal professional and provided oral testimony for a U.S. Commission on Civil Rights (USCCR) hearing in Washington, D.C. and corresponding written testimony, which was included in the USCCR "Patient Dumping" report as Congressional testimony to the President of the United States and the United States Congress (submitted September 2014).

Gina is very active in her community and church and has served on numerous philanthropic/nonprofit fundraising committees and boards of directors, including service to organizations like Goodwill and to the Campus Clubs Ministries, which is committed to supporting impoverished children who live in gang infested neighborhoods, assisting the children in developing social and educational skills through one-on-one mentoring, after-school and summer tutoring, and other active support programs. Gina believes change starts with changing herself and then trying to help those less fortunate one child at a time. The Greenwoods served as host family (in a child fostering-type program) to the Masonic Home of Georgia.

Experience

The following is a selected sampling of matters and is provided for informational purposes only. Past success does not indicate the likelihood of success in any future matter.

Experience

  • Successfully defended hundreds of financial institutions, health systems, educational institutions, manufacturing entities, insurance-related companies, and other businesses in data security breaches and the corresponding federal and state law requirements and investigations; served as regulatory counsel in numerous privacy lawsuits
  • Co-authored thousands of pages of data security policies and procedures, presented lectures at statewide hospital training conferences, and conducted daily help-line services for a hospital association's HIPAA Privacy and Security Compliance Program.
  • Advised HIPAA Covered Entities and Business Associates in HIPAA Privacy, Security, and Breach Notification compliance and state consumer privacy compliance
  • Served as lead regulatory attorney advising hospitals in the implementation of electronic health records systems (meaningful use) and the donation of technology to physician groups and health information exchanges
  • Conducted risk assessments of numerous companies to develop work plans to address and reduce legal liabilities associated with data security
  • Drafted PCI Compliance programs for merchants
  • Provided direct, daily (offsite and onsite) general business and regulatory compliance guidance to health systems, hospitals, psychiatric facilities, pharmacies, skilled nursing facilities, hospices, dialysis companies, personal care homes, physician/dental practices, and ambulance providers
  • Served as lead and/or co-regulatory compliance counsel in billion-dollar corporate transactions
  • Successfully defended numerous hospitals in EMTALA investigations, including drafting plans of correction and representing entity at administrative Quality Improvement Organization (QIO)/Physician Review Organization (PRO) hearings; drafted and implemented extensive EMTALA compliance programs; provided direct on-site support for hospitals; defended providers in private litigation claims; provided employee and medical staff training
  • Analyzed and structured numerous business, marketing and regulatory scenarios to assist hospitals (and other healthcare entities) and device/pharmaceutical manufacturers in complying with fraud and abuse laws
  • Authored fraud and abuse compliance plans/programs, codes of conduct, and employee manuals for various types of healthcare entities; served as regulatory counsel to clients and the litigation teams in fraud and abuse government investigations
  • Served as regulatory counsel in numerous fraud and abuse internal and governmental investigations

Internships

  • The Honorable Judge Tommy Day Wilcox Jr., Superior Court Judge of the Macon Judicial Circuit (Summer 1999)

Education

  • Mercer University, JD (2001)
    • Advanced Legal Writing Certification
    • Faculty Award for Outstanding Achievement in Legal Writing
    • President, Association of Women Law Students
    • Vice President of Public Relations, Moot Court Executive Board
    • Recipient, National Association of Women Lawyers Award for Philanthropic Activities
    • Member, National Order of Barristers
  • University of Georgia, BS, magna cum laude (1993)

Admissions

  • Georgia

Practice Areas

Industries

The bar rules of some states require that the standards for an attorney's inclusion in certain public accolades or recognitions be provided. When such accolades or recognitions are listed, a hyperlink is provided that leads to a description of the respective selection methodology.

  • Member, Georgia State Bar Association (Health Law Section)
  • Member, American Health Law Association
  • Member, Georgia Academy of Healthcare Attorneys
  • Member, International Association of Privacy Professionals (IAPP)