Alisa Chestler, shareholder in the Nashville and Washington, D.C. offices of Baker
Donelson, is chair of the Firm’s Privacy and Information Security Team and a Certified
Information Privacy Professional. Ms. Chestler concentrates her practice in health care and
insurance regulatory compliance; privacy, security and records management issues; and
corporate transactions matters. She joined Baker Donelson after a distinguished career as inhouse
counsel and privacy officer to several large public and private companies.
Ms. Chestler routinely counsels clients on data privacy and security matters that arise from
federal and state laws, including HIPAA, HITECH, GLB, FCRA/FACTA, state data breach
laws and the Payment Card Industry (PCI-DSS) requirements. She assists clients in
identifying, evaluating and managing risks associated with privacy and information security
practices of companies and third parties. She has significant experience assisting companies
in developing comprehensive privacy and security programs. Her experience with
HIPAA/HITECH compliance includes preparing and negotiating business associate
agreements, developing policies and procedures, and advising clients on data breaches and
Ms. Chestler assists clients with negotiating complex information technology and
partnership agreements, including health information exchange (HIE) participation, EHR
negotiation, adoption and compliance with HITECH and meaningful use requirements, and
audits. She has also assisted clients in analyzing and negotiating cloud computing issues
In addition, Ms. Chestler counsels employers, insurers and state regulators with the evolving
Affordable Care Act (ACA) compliance and policy issues, including drafting required
updates and compliance policies and procedures and contractual relationships.
Ms. Chestler has counseled providers, managed care organizations, insurers, third-party
administrators, self-funded employers and health care specialty organizations on regulatory,
compliance and operational issues, provider contracting and credentialing, disease
management, ERISA, and compliance with Medicare Secondary Payor issues, including
MMSEA mandatory reporting obligations.
Alisa will be speaking on the Information Security Panel on Thursday, September 15th @ 9:30am.