Lyles, Kevin D.

Current Employment Position(s)

Partner

Lawyer Overview

Kevin Lyles practices in the areas of health care transactions, privacy and data security, and outsourcing. He co-chairs the Firm's Health Care practice and oversees the Firm's Privacy & Data Security practice.

Kevin's health care practice focuses on significant transactions, including hospital change-in-control transactions, structuring physician/hospital joint ventures, formation of accountable care organizations and co-management arrangements, and reorganization of academic medical center relationships. Kevin also counsels clients on fraud and abuse and Stark Law compliance. He has represented hospital systems, academic medical centers, children's hospitals, physician organizations, health insurers, and pharmaceutical and medical device companies.

Kevin is experienced in privacy and data security matters, including developing data privacy and security compliance programs, cross-border data transfers, responding to data security breaches, privacy policies, identity theft prevention programs, and compliance with federal and state regulatory requirements, including HIPAA, the Red Flag Rules, the EU Data Protection Directive, and the Gramm-Leach-Bliley Act.

Kevin also is an experienced outsourcing lawyer, concentrating in customer side transactions. His practice includes business process and information technology outsourcing, with significant offshoring experience. His recent experience includes the outsourcing of HR, information technology, revenue cycle, finance and accounting, and benefit plan administration services.

Kevin is a member of the American Health Lawyers Association and serves as co-leader of its Electronic Health Records Affinity Group. He has served on the advisory boards for the Healthcare Outsourcing Congress, the Privacy2000 conference series, and MD Net Guide. He serves on the boards of the National Healthcare, Research and Education Finance Corporation and CATCO-Phoenix, Inc.

Areas of Practice

• Health Care
• Outsourcing
• Privacy & Data Security
• Health Care Transactions
• Health Care Compliance Counseling & Regulatory Advice
• Health Care Private Equity
• Licensing & Technology Transactions

Representative Cases

• Adobe seeks counseling on privacy compliance project
• Aventis forms strategic alliance with healthcare technology provider , (2009)
• Aventis takes steps to provide global privacy and launches MyDocOnline web site , (2009)
• Baptist Health teams with Siemens Medical Solutions on outsourcing agreement , (2009)
• Bon Secours acquires Franciscan Health Partnership , (2009)
• Bon Secours establishes cardiothoracic surgery program with Columbia University
• Bon Secours Health System advised on software licensing and purchase
• Bunge develops privacy compliance program for internal and Internet data collection
• Bunge seeks IP advice on development of electronic signature platform for e-commerce
• Capital BlueCross and Delta Dental negotiate benefits , (2009)
• Capital BlueCross and WebMD negotiate license agreement
• Capital BlueCross institutes prescription drug program , (2009)
• Capital BlueCross institutes vision benefit services , (2009)
• Capital BlueCross negotiates software applications with TriZetto Group
• Childrens Hospital Los Angeles outsources enterprise software management to IBM , (2009)
• Cleveland Clinic Foundation develops on-line personal health record system with Google , (2009)
• Community Memorial Health outsources revenue cycle services to Accretive Health , (2009)
• CPP Holdings finances Metris Companies acquisition , (2009)
• Dana negotiates human resources outsourcing agreement with IBM
• Dana negotiates outsourcing of finance and accounting operations , (2009)
• Dell establishes privacy compliance for financial institutions customers
• Experian conducts multi-state privacy law analysis , (2009)
• FDS Bank evaluates privacy requirements concerning use of credit card information acquired in Federated's acquisition of Marshall Fields
• Guardian Pharmacy seeks regulatory advice , (2009)
• Howard County Health System is sold to Johns Hopkins
• IBM Credit analyzes Gramm Leach Bliley Act and FTC requirements regarding use and discourse of customer credit information
• Intuit acquires StepUp Commerce , (2009)
• Lee Memorial Health System acquires two Florida hospitals from HCA , (2009)
• Loyola University Health System acquires Gottlieb Memorial Hospital , (2009)
• Loyola University Health System integrates with Physician Foundation , (2009)
• Manufacturing company to outsource HR , (2009)
• Marathon Oil reviews Red Flag Rules , (2010)
• Marathon Oil secures its customer data , (2010)
• MedStar Health acquires Georgetown University Medical Center , (2009)
• Memorial Health System and Cerner Corp. create wireless network for managing medical data , (2009)
• National bank responds to data security breach involving theft of mortgage loan customer data
• National employer association seeks to create health insurance vehicle for uninsured , (2009)
• Noro-Moseley invests in Lanx, Inc. , (2009)
• Noro-Moseley invests in RenalCare Partners , (2009)
• OGE develops identity theft program , (2010)
• OGE secures its customer data , (2010)
• Outsourcing vendor advised on data security breach , (2009)
• Pfizer develops global privacy and data protection program , (2009)
• Pfizer resolves international data transfer and use issues related to Pharmacia acquisition , (2009)
• ProMedica and the University of Toledo form health education partnership
• ProMedica in joint venture to acquire linear accelerator and operate radiation therapy treatment center , (2010)
• Rockford Anesthesiologists incorporates HIPAA compliance , (2009)
• Starbucks' benefits administration services agreement to be outsourced , (2009)
• Starbucks outsources health plan administration , (2009)
• Two Columbus theatre companies merge in an attempt to better serve the community
• University Hospitals Health System outsources IT function , (2009)
• Washington Mutual negotiates benefits administration outsourcing agreement , (2009)
• Washington Mutual outsources management of health-care information , (2009)
• Washington Mutual procures onshore and offshore global services under master agreement , (2009)
• Xcel Energy reviews its data protection plans , (2010)
• Yale-New Haven Health Services puts electronic medical records system in place , (2010)

West Practice Categories

Business Organizations, Disability, Elder Law, Food & Drug Administration, Health & Health Care Law, Hospital Law, Intellectual Property Law, Medicare & Medicaid, Mental Health, Mergers, Acquisitions & Divestitures, Nursing Home, Reorganizations, Social Security -- Disability, Technology Licensing

Bar Admissions

• Ohio

Education

• Ohio State University

Published Works

• Healthcare Outsourcing Overview: Staying Focused in Uncertain Times, Teaching Hospitals & Academic Medical Centers, American Health Lawyers Association, 2010
• Massachusetts Law Raises the Bar for Data Security, 2010
• Data Security, Third-Party Privacy Claims, and Insurance Coverage Under CGL "Personal and Advertising Injury" Coverage, 2010
• Nevada Imposes New Requirements for Credit Card Transactions and Data Transfers, 2009
• A Privacy Primer for Corporate Counsel, Thomson Reuters/Aspatore, 2009
• Merchants Must Be Aware of Potentially Mishandled Credit Card Information, Privacy & Data Security Law Journal, 2009
• Identity Theft Red Flag and Address Discrepancy Requirements, Health Care Compliance Professional's Manual, CCH, 2009
• Red Flag Rules Require Companies to Take Identity Theft Seriously, reprinted in Pennsylvania Bar Association, Business Law Section Newsletter, 2009
• Stimulus Bill Substantially Revises HIPAA's Privacy and Security Rules, 2009
• California Expands Medical Privacy Laws with New Standards, Oversight, and Administrative Penalties, 2008
• Red Flag Rules Require Companies to Take Identity Theft Seriously, 2008
• California Expands Security Breach Notification Law to Include Medical and Health Insurance Information, 2008
• Stark Phase III Guidance Collection, American Health Lawyers Association, 2008
• Responding To Data Security Breaches, Privacy & Information Law Report, Vol. 8, Iss. 11, 2007
• Responding to Data Security Breaches, HCCA Compliance Today, Vol. 9, No. 11, 2007
• Treat Security Breaches With Caution, HIT News (an American Health Lawyers Association publication), Vol. 10, Iss. 3, 2007
• Stark on the Fast Track: Separate Rulemaking Threatens Many Common Deals, 2007
• Fed Encourages Use of Electronic Health Records and E-prescriptions, Columbus Business First, 2007
• Use of Electronic Health Records and E-Prescribing Growing—Albeit Slowly, Health Law Reporter, BNA, 2007
• Health Care Law Update chapter, coauthor, Aspen Publishers 2007 Health Law and Compliance Update, 2007
• Welcome to the Electronic Jungle: E-Prescribing, Medicare Part D, and HIPAA, AHLA Newsletter, 2006
• Hospitals Should Exercise Caution: Public Policy May Invalidate Economic Credentialing Policies, 2006
• Ohio Enacts Security Breach Notification Law, 2006
• Welcome to the Electronic Jungle: E-Prescribing, Medicare Part D, and HIPAA, 2005
• HIPAA Security: How compliant are you? Compliance Today, Health Care Compliance Association, 2005
• New HIPAA Rules for Group Health Plans and Health Insurers, 2005
• CAN-SPAM Act: 'How Nonspamming Business Can Survive Federal Spam Restrictions', 2004
• New Rules for Physician-Hospital Joint Ventures, coauthor, Business First, 2004
• Appeals Court Clarifies Rules for Hospital Joint Ventures, 2004
• The Federal CAN-SPAM Act -- New Requirements for Commercial E-Mail, 2004
• The ABCs of Information Technology Outsourcing, 2004
• OIG to Scrutinize "Suspect Contractual Joint Ventures", 2003
• Is Outsourcing a Cure for the IT Blues?, 2003
• Proposed Modifications to HIPAA’s Privacy Rule, 2002

Address

P.O. Box 165017
325 John H. McConnell Boulevard
Suite 600
Columbus, OH 43216-5017

Phones

1.614.281.3821 (Business Phone)

Faxes

1.614.461.4198 (Business Fax)

Emails

Contact Us (Business Email)

Websites

http://www.jonesday.com