Skip to Main Content
Patricia A. Markus, JD, CIPP/US

Patricia A. Markus, JD, CIPP/US

Partner

301 Hillsborough Street
Suite 1400
Raleigh, NC 27603
trish.markus@nelsonmullins.com

Trish Markus represents healthcare providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve healthcare access and outcomes while assuring compliance with applicable data privacy...

Trish Markus represents healthcare providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve healthcare access and outcomes while assuring compliance with applicable data privacy and security laws and other healthcare regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post-acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.

Trish is a Chicago-area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.

When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.

Patricia A. Markus, JD, CIPP/US

and security laws and other healthcare regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post-acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.

Trish is a Chicago-area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.

When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.

Trish Markus represents healthcare providers and health technology companies across the country on wide-ranging regulatory compliance, reimbursement, licensure, and operational matters, with a special focus on issues surrounding health information privacy, security, and technology. She regularly advises clients on ways to use technology to improve healthcare access and outcomes while assuring compliance with applicable data privacy... and security laws and other healthcare regulatory requirements. Trish provides strategic and practical advice regarding HIPAA, 42 CFR Part 2 (federal regulations addressing Confidentiality of Substance Use Disorder Patient Records), the FTC’s Health Breach Notification Rule, and state data privacy and security laws; the 21st Century Cures Act’s information blocking and interoperability requirements; telehealth initiatives, including multi-state MSO business models, remote monitoring arrangements, reimbursement options, prescribing limitations, corporate practice of medicine and fee-splitting limitations, and requirements for patient consent and preconditions for recording telehealth interactions; electronic health record system adoption and extension of systems to community providers; health information exchange initiatives, including the eHealth Exchange; technology licensing and services arrangements; cybersecurity risks and data breach prevention and response; and compliance and fraud and abuse matters. She also works with physicians, hospitals, accountable care organizations, post-acute care facilities, behavioral health and substance use disorder facilities, and pharmacies on licensure and reimbursement matters, acquisitions, and divestitures. She writes frequently and speaks nationally on healthcare and data privacy topics.

Trish is a Chicago-area native and lifelong Cubs fan whose first aspiration was to become a Chicago Cub. When the inherent improbability of that dream became apparent, she determined she would become the Cubs' team physician. After struggling with college biochemistry and realizing that she had inherited her journalist parents' writing skills, she decided to attend law school instead. She relocated to Raleigh in 1995, in part to escape Chicago winters.

When not practicing law, Trish enjoys jogging, gardening, crosswords, traveling, attending and watching baseball games, reading, learning about and tasting wine, and spending time with her husband and their two rabbits.

Experience

The following is a selected sampling of matters and is provided for informational purposes only. Past success does not indicate the likelihood of success in any future matter.

HIPAA and Health Information Technology

  • Represented clients in development of regional and enterprise-wide health information exchange organizations (HIEs), including establishment of governance structures, data use and sharing agreements, technology licensing agreements, privacy and security policies and procedures, advice on operational matters, and contracts with other regional and national HIEs
  • Assisted hospital systems and physician practices in negotiating and licensing agreements for electronic health record software systems and telehealth solutions, in preparing contracts for  hospitals’ provision of subsidized EHR technology and services to community medical practices, and in extending hospitals systems’ EHR licenses to managed hospitals within systems
  • Assisted hospitals and physician practices in operational aspects of implementing EHR systems, including preparing privacy and security policies and processes, crafting patient portal and remote access agreements, and preparing policies and processes for BYOD and secure texting
  • Reviewed and negotiated wide variety of health IT agreements, including electronic health record software, cloud storage, data supplier, value-added reseller, data analytics, and clinical data registry agreements
  • Assisted statewide industry association in structuring and preparing various data analytics and data exchange agreements to assist association members in various population health management, quality improvement, and patient support programs
  • Represented telemedicine mobile application start-up and company seeking to offer second opinion consultations by nationally-recognized experts in assessing possible corporate structures, business models, and payment options and understanding resulting fraud and abuse, corporate practice of medicine, fee-splitting, reimbursement, data privacy and security, and operational limitations and requirements
  • Assisted clients in preparing multistate analyses of corporate practice of medicine and fee splitting laws, physician and other practitioner licensure and scope of practice requirements, and available payment for services provided through telemedicine technologies
  • Counseled wide variety of provider clients and business associates on whether specific data breach circumstances require breach notification under HIPAA and applicable state data breach laws, identified mitigation strategies, and assisted with reporting obligations
  • Represented hospitals, physicians, and business associates in responding to data breaches and Office for Civil Rights investigations
  • Assisted substance use disorder providers in responding to subpoenas for substance abuse disorder records and in updating release of information forms and policies to conform to changing requirements of 42 CFR Part 2 
  • Counseled data analytics start-up on regulatory implications of licensing de-identified health data from organizations and sub-licensing such de-identified data sets to research organizations seeking large data sets

Healthcare Corporate, Regulatory, and Licensure Matters

  • Assisted providers in addressing questions about Paycheck Protection Program, Medicare Provider Relief Fund, and various state and federal regulatory waivers and flexibilities issued during COVID–19 emergency
  • Represented dozens of providers in responding to Medicare, Medicaid, and other insurer audits and appeals of recoupment and repayment demands, including Administrative Law Judge hearings
  • Represented substance use disorder providers in acquisitions and divestitures and licensure, reimbursement, regulatory compliance, and operational matters
  • Assisted national outpatient services provider with Medicaid enrollment issues and matters before pharmacy board   
  • Assisted physician practices and hospitals in all aspects of medical practice start-ups, divestitures, joint arrangements, and disputes
  • Performed compliance review of policies and operational practices of accountable care organization and provided report outlining suggested remediation measures
  • Served as local counsel to publicly traded post-acute care companies in acquisitions, refinancings, and state Medicaid enrollments and licensure issues
  • Structured management services arrangements for physicians, dentists, chiropractors, and other practitioners to avoid corporate practice of medicine and fee-splitting concerns

Education

  • Boston College Law School, JD
  • Haverford College, BA, English, with honors

Admissions

  • North Carolina
  • Illinois

Clerkships

  • Law Clerk, The Honorable Robert W. Cook, Illinois Court of Appeals, Fourth Circuit
  • Law Clerk, The Honorable Willis P. Whichard, North Carolina Supreme Court

Practice Areas

The bar rules of some states require that the standards for an attorney's inclusion in certain public accolades or recognitions be provided. When such accolades or recognitions are listed, a hyperlink is provided that leads to a description of the respective selection methodology.

  • North Carolina Institute of Medicine
    • Board of Directors, 2024 – present
    • Member, 2018 – present
  • American Health Law Association:
    • President (2023–2024)
    • President Elect (2022–2023)
    • President–Elect Designate (July 2021–June 2022)
    • Board of Directors (July 2015–present)
    • Chair, HIT Practice Group (July 2012–June 2015); Vice Chair (July 2008–June 2012)
    • Co–leader, Privacy and Security Compliance and Enforcement Affinity Group, HIT Practice Group (2006–2008)
  • North Carolina Bar Association:
    • Chair, Health Law Section (2012–2013)
    • Health Law Section Council (2006–2009)
    • Communications Committee (2002–present)
  • Member, Health Information Management Systems Society
  • North Carolina Healthcare Information and Communications Alliance, Legal Work Group (2006 – 2012)
  • American Health Information Management Association:
    • Health Information Exchange Council (2008)
    • e–HIM Workgroup on HIM in Health Information Exchange (2007)
  • North Carolina Society of Healthcare Attorneys:
    • President (2003–2004)
    • Board of Directors (2000–2007)
  • Member, NC Health Information Exchange Legal and Policy Work Group (2010–2011)
  • Co–Chair, Legal Work Group and Implementation Plan Work Group, North Carolina Health Information Security and Privacy Collaboration (HISPC) Project (2006–2009)
  • Young Executive Committee, American Heart Association Greater Raleigh Heart Gala (2003)