Summary
Overview
Work History
Education
Certification
Court Admissions
Affiliations
Timeline

James Schuster

Attorney
Los Angeles,OH

Summary

Successfully extricated client from from fraud and abuse charges, saving the client substantial fines, penalties, and possibly prison time.

Put into place and practice an early warning system against allegations of fraud and abuse.

Saved client untold amounts of fraud, penalties and exclusion by self reporting suspected fraud and abuse.

Created system to for health care breach and incidents to avert United States Department of Health and Human Services Office of Civil Rights civil monetary penalty fines and penalties.

Worked with the United States Department of Health and Health and Human Services to save client from monetary exposure and recouping millions os dollars by promptly addressing late claims and disgorgement claims. Detail-oriented Compliance Manager offering [Number] years of expertise in risk management, policy development and strategic planning. Advanced knowledge of regulatory compliance with proven track record of partnering with executives and business leaders to identify vulnerabilities and create corrective actions. Collaborative and team-oriented with excellent communication and interpersonal skills to foster strategic partnerships and promote company reputation.

Overview

32
32
years of professional experience
1
1
Certification

Work History

Director of Compliance and Privacy

Flow Health Group Inc.
01.2023 - Current
  • Compliance and Privacy Director for holding company and its affiliated entities, including for entities focusing on clinical laboratory and technology, as well as managed care issues.
  • Draft policies, procedures and protocols in the areas of privacy, health and welfare benefits, security, and technology; Draft and refine health and welfare plan documents, amendments to documents to comply with the HIPAA Privacy Rule regarding the use and disclosure of Protected Health Information; Draft and negotiate Business Associate Agreements in accordance with the HIPAA Privacy Rule; Perform periodic audits of health and welfare plan documents to make sure they comport with ERISA requirements; Draft model Authorizations for use when Protected Health Information is being disclosed outside the Plan to the employer.
  • Provide counsel and advice on ERISA Plan matters as they come in, as well as matters of Stark, Anti-Kickback, EKRA, and FDA.
  • Carry out profile, impact, and gap analyses for company relative to the CCPA, as revised by CPRA, HIPAA Privacy and Security Rules, PIPEDA, GDPR, GDPR-UK, TCPA, CAN-SPAM, and U.S. State privacy laws.
  • Carry out profile, impact, gap analyses, and solutions efforts to leverage hybrid entity, multiple covered function, affiliated covered entity, and organized health care arrangement provisions of the HIPAA Privacy Rule and other data protection laws.
  • Scope out, develop, and instruct on implementing, and otherwise oversee HIPAA Privacy and data protection policies, procedures, and protocols.
  • Develop training and education modules, tools and guideposts for the business and operations to comply with fraud, abuse, anti-kickback, Stark, credentialing, HIPAA Privacy, State privacy law, security, and order processing requirements.
  • Work as part of a team as the chief person for business associate agreements and privacy provisions that are negotiated into master services agreements, statements of work, memoranda of understanding, and other contract documents.
  • Formed and participate in company’s privacy and security incident response teams and a central point of contact for privacy events, incidents, and breaches, including spearheading risk assessments, issuing, and overseeing corrective action plans, and issuing notices of breaches to HHS OCR, FTC, and other governmental bodies when required.
  • Responsible for forming and instituting regular periodic meetings of business teams and groups to emphasize privacy and compliance by design and cluster training and dialoguing on privacy, security, and other compliance topics.
  • Remain current with and update business leaders and other key stakeholders on new privacy laws and regulations and competitive benchmarking that may impact the business.
  • Oversee company’s SOC2 efforts, as well as assimilate HIPAA Security requirements into as part of company security administrative, physical, and technical safeguards, standards, and implementation specification.
  • Provide advice and counsel to Business on health care technologies, with focus on Privacy by Design, as well as address legal issues surrounding digital and other advertising.

Privacy Director

CoverMyMeds LLC
01.2020 - 01.2023
  • Strategically positioned company and its affiliated covered entities to leverage the HIPAA Privacy Rule’s hybrid entity, affiliated covered entity, and multiple covered function entity provisions.
  • Formed and headed up a multi-disciplinary privacy compliance team, developing and putting into action a comprehensive work plan for delivering a comprehensive privacy compliance program to company and its affiliated covered entities.
  • Delivered custom online and real time HIPAA, TCPA, FCRA, FTC, CCPA/CPRA and other State privacy and data protection training and education to relevant impacted personnel.
  • Further developed and refined mature privacy and security incident reporting and breach response systems.
  • Put in place and into practice privacy and data protection policies, procedures, and protocols.
  • Simplified, streamlined, automated, and improved expert and safe harbor de-identification business methods, systems, and constructs.
  • Drafted and negotiated data protection and business associate agreements with pharmaceutical manufacturers and other pharmacy entities.
  • Developed and implemented software and technologies for decision support and intelligent forms completion around breach notification, tracking HIPAA Authorizations and business associates.
  • Carried out quantitative and other auditing, monitoring, and assessments of company uses, disclosures, and other handling of personal information.
  • Carried out profile, impact, and gap analyses for company relative to the CCPA, as revised by CPRA, other State privacy laws, HIPAA Privacy and Security Rules.

Government & Private Managed Care Payor Subject Matter Expert

Price Waterhouse Coopers
01.2018 - 01.2020
  • Legal and Regulatory Content Advisor and Lead for a PriceWaterhouseCoopers start-up for the development and deployment of market driven health plan and payor software applications, including Medicare, Medicaid and Medicare-Medicaid managed care plans. The purpose of the software is to facilitate and educate compliance among government and private payor health plans, including in the areas of privacy, data protection, and security.

Senior Manager Care Oversight Manager Part D Plans

Kaiser Permanente
01.2017 - 01.2018
  • Audited database repositories of network pharmacies and ensured proper reporting to federal government.
  • Oversaw and tracked pharmacy benefit manager (“PBM”) performance goals and compliance, including on claims accuracy and timeliness and proper handling and non-commingling of Protected Health Information.
  • Developed and implemented compliance work plan on claims adjudication, explanations of benefits (“EOBs”) and for tracking and trending opioid over-utilization; Leveraged disparate software and technologies to track and trend Medicare Advantage claims adjudication patterns, appeals and opioid over-utilization.
  • Developed and instructed others to carry out policies and procedures, claims denials and communications.
  • Integrated KPWA compliance practices to conform with Kaiser Permanente National operations; Interpreted and applied relevant statutes, regulations, and non-regulatory guidance to program.

Senior Compliance Officer

EnvisionRX
01.2015 - 01.2016
  • Senior Corporate Compliance Officer to PBM, Chief Privacy Officer of Envision’s Mail Order Pharmacy Operations, specialty, compound, and mail order pharmacy.
  • Counsel and advise on fraud and abuse, anti-kickback, Stark self/referral, and false claims matters.
  • Corporate Compliance Liaison to Medicare Part D, MAPD and Medicaid plans.
  • Worked with the pharmacy team to carry out and implement corrective action plans to improve getting patient medications to the right place, thus dramatically reducing the incident of unauthorized uses and disclosures of patient personal information.
  • Chief Privacy Officer of Mail Order Pharmacy.
  • Handle, fraud, abuse, anti-kickback, pharmacy-related, and Stark matters.

Partner

Roetzel & Andress Law Firm
01.2013 - 01.2015
  • Counsel and advisor to health care providers and business associates on HIPAA Privacy, billing and reimbursement, fraud and abuse, anti-kickback, Stark, false claims, privacy, security, and other matters.
  • Draft and revise Summary Plan Descriptions for educational entities for health reimbursement arrangements.
  • Draft Plan Amendments to Plan Documents to take into account the HIPAA Privacy Rule.
  • Provide advice and counsel for when a HIPAA Authorization is necessary for an employer to obtain Protected Health Information from a Plan.
  • “Go to” person for reviewing and drafting agreements that address healthcare regulations, including, Stark, anti-kickback, fraud and abuse, HIPAA Administrative Simplification, and licensing, certification, and credentialing.

Professor

John Marshall Law School
01.2011 - 01.2015
  • Professor of health care privacy and security law, leveraging visual modeling techniques for students to learn and know how to profile any entity vis-à-vis HIPAA Privacy and Security Rules and other data protection requirements and laws.
  • Instruct on healthcare providers and other entities are directly and indirectly impacted by the HIPAA Privacy and Security Rules, including walking them through the HIPAA Privacy Rule nuanced provisions on ERISA Plans and the relationship of the employer and the Plan.
  • Instruct students to assess compliance for entities relative to the HIPAA Privacy and Security Rules and recommend solutions for how such entities can become and stay compliant with the HIPAA Privacy and Security Rules.

Principal

McCarthy Lebit Law Firm
01.2011 - 01.2013
  • Principal, responsible for firm’s regulatory health care privacy, security and compliance and trademark and patent practices, achieving 3x business growth in those areas for the firm.
  • Draft and revise ERISA Summary Plan Descriptions and associated documents and schedules.
  • Affordable Care Act resident expert.
  • Provided every day regulatory health care privacy and security counsel to physician practices, mental health and long-term care providers and health care clearinghouses on litigation and risk mitigation matters of health care consumer privacy and security; fraud, abuse, anti-kickback and Stark; provider enrollment and credentialing; billing and reimbursement, general compliance and risk mitigation.
  • Corporate and regulatory health care counsel for the formation and establishment of a group purchasing organization specific to the field of urology.

Chief Legal Counsel & Advisor

JSA, LLP
01.2003 - 01.2011
  • General Counsel for BrandImage, a multi-national advertising, branding, and design company, including for the United States, Brussels, Belgium, Paris, France, Hong Kong, and Seoul, South Korea, as well as Tokyo, Japan.
  • Engaged by Duke Energy to make its self-insured & fully insured plans & options compliant with federal law on HIPAA Privacy and Security, Summary Plan Descriptions, Form 5500s, and other health and welfare benefits matters.
  • Engaged by counties, municipalities, professional sports franchises, and other entities to carry HIPAA Privacy and Security profile and impact analyses and, as applicable, work with such entities to create and implement hybrid entity privacy and security compliance structures around their respective covered functions.
  • On shared-time basis, served as chief compliance, privacy and security officer to self- and fully insured health plans, institutional providers, third party billing companies, physician practices and medical transportation companies.
  • Litigation and Corporate counsel to third party medical billing company, including on corporate restructuring, asset purchases, client services agreement, and on federal and State health care and privacy and security laws.
  • Drafted and negotiated Asset Purchase Agreement for medical billing and software client with multi-billion-dollar hospital system;
  • Developed Patented Business Methods and Systems in the fields of Compliance, Certification, and Risk Mitigation.
  • Counseled and advised on false claims, anti-kickback, Stark, and fraud and abuse matters.

Senior Associate

Taft, Stettinius, and Hollister, LLP
01.2000 - 01.2003
  • Defended federal false claims cases for clients.
  • Gave counsel and advice on federal anti-kickback, Stark, and fraud and abuse matters.
  • Founding Attorney of HIPAA Privacy Practice Group.
  • Founding Member of Ohio HIPAA Implementation Organization for Electronic Data Interchange
  • Developed HIPAA Privacy and Security Plans for physician practices.
  • Provided Legal Counsel and Advice on HIPAA Privacy and other Privacy and Confidentiality Requirements.
  • Developed 700-page decision tree that deconstructed all aspects of the HIPAA Privacy Rule and other data protection laws, thus becoming the firm’s resident expert on the HIPAA Privacy Rule and data protection.

Associate

Dinsmore and Shohl, LLP
01.1996 - 01.2000
  • Litigation Associate on health care fraud and abuse matters.

Federal Judicial Law Clerk

Hon. Carl B. Rubin U.S. District Court of the Southern District of Ohio, Western Division
01.1994 - 01.1996

Education

JD - undefined

The George Washington University National Law Center
Graduated top 5% of class, Order of the Coif.

BS - undefined

Cleveland State University, Ohio
GPA: 4.0, Summa Cum Laude

Certification

  • Certified Information Privacy Professional (US), International Association of Privacy Professionals (IAPP), Not Provided
  • Ohio Bar, 1995-11-01, active

Court Admissions

  • U.S. Court of Appeals for the Sixth Circuit, Not Provided
  • U.S. District Court for the Southern District of Ohio, Not Provided
  • U.S. District Court for the Northern District of Ohio, Not Provided

Affiliations

International Association of Privacy Professionals for United States of America and Canada

Timeline

Director of Compliance and Privacy - Flow Health Group Inc.
01.2023 - Current
Privacy Director - CoverMyMeds LLC
01.2020 - 01.2023
Government & Private Managed Care Payor Subject Matter Expert - Price Waterhouse Coopers
01.2018 - 01.2020
Senior Manager Care Oversight Manager Part D Plans - Kaiser Permanente
01.2017 - 01.2018
Senior Compliance Officer - EnvisionRX
01.2015 - 01.2016
Partner - Roetzel & Andress Law Firm
01.2013 - 01.2015
Professor - John Marshall Law School
01.2011 - 01.2015
Principal - McCarthy Lebit Law Firm
01.2011 - 01.2013
Chief Legal Counsel & Advisor - JSA, LLP
01.2003 - 01.2011
Senior Associate - Taft, Stettinius, and Hollister, LLP
01.2000 - 01.2003
Associate - Dinsmore and Shohl, LLP
01.1996 - 01.2000
Federal Judicial Law Clerk - Hon. Carl B. Rubin U.S. District Court of the Southern District of Ohio, Western Division
01.1994 - 01.1996
The George Washington University National Law Center - JD,
Cleveland State University - BS,

Similar Profiles

  • PJ RossiPJ Rossi

    Executive Director, HR Privacy, Compliance, Governance & EEO/AA Management at UNITED STATES AUTOMOBILE ASSOCIATION (USAA)Executive Director, HR Privacy, Compliance, Governance & EEO/AA Management at UNITED STATES AUTOMOBILE ASSOCIATION (USAA)

  • BETINA PETERSONBETINA PETERSON

    Director Integrity & Compliance, Privacy Officer at Saint Agnes Medical CenterDirector Integrity & Compliance, Privacy Officer at Saint Agnes Medical Center

  • ABHINAY ANANDABHINAY ANAND

    Senior Director – Data Privacy & AI Compliance at FLIPKART GROUPSenior Director – Data Privacy & AI Compliance at FLIPKART GROUP

  • Amber SimondsAmber Simonds

    System Director of Compliance & Privacy at Logan HealthSystem Director of Compliance & Privacy at Logan Health

  • COLLIN J. McDONALDCOLLIN J. McDONALD

    DIRECTOR OF COMPLIANCE, RISK MANAGEMENT & PRIVACY at Memorial Hospital Of Carbon CountDIRECTOR OF COMPLIANCE, RISK MANAGEMENT & PRIVACY at Memorial Hospital Of Carbon Count

CREATE PROFILE
James SchusterAttorney