Tracy is co-chair of the firm's cybersecurity and data privacy practice, deputy chair of the health care and long term care practice, and a member of the higher education practice. In seeking solutions to her client’s business, legal and strategic goals, Tracy draws upon her experience as outside counsel, former general counsel and policy maker.
Tracy has an extensive practice in regulatory and corporate compliance, cybersecurity, and data privacy. She assists clients proactively to develop effective compliance, cybersecurity and privacy programs and address identified vulnerabilities. Tracy has trained and advised boards about their oversight duty, prepared policies and procedures, provided workforce training, advised about breach preparedness and response, and prepared third party agreements. With regard to corporate compliance, she has conducted investigations and effectiveness reviews to identify gaps and strengthen compliance programs.
As part of her broad regulatory practice, Tracy routinely advises clients about cybersecurity and data privacy. Specifically, her experience includes:
- Advising about response to data breaches, including investigations, notice, and remediation;
- Advising about cybersecurity and privacy policies, gap analysis, policy development, implementation, and oversight, and insurance and breach preparedness;
- Addressing board governance structures, training, and internal reporting to meet fiduciary standards;
- Advising health systems, hospitals, and other providers about compliance with federal and state laws and regulations as they exchange data to participate in federal and state health reform;
- Preparing business associate and other third party agreements;
- Conducting workforce training;
- Advising about compliance with state breach notification laws; and
- Counseling clients on a wide array of issues posed by HIPAA compliance.