Download Contact (.vcf)
Washington Direct: 202.585.6552 General: 202.585.6500 Fax: 202.585.6600
Georgetown University Law Center, L.L.M., Advocacy, 2002.
Georgetown University Law Center, J.D., magna cum laude, 1995. Executive Editor, Georgetown Law Journal.
Johns Hopkins School of Hygiene and Public Health, M.P.H., Public Health, Health Care Finance, 1993.
University of Maryland, College Park, B.S. and B.A., Journalism, magna cum laude, English, 1986.
Deven McGraw is a partner in the healthcare practice of Manatt, Phelps & Phillips, LLP. She provides legal, regulatory and strategic policy and business counsel to healthcare providers, payers and other healthcare organizations with respect to the adoption and implementation of health IT and electronic health information exchange. Her areas of focus include HIPAA/privacy advice and compliance, data security, data governance, research and health data analytics, health IT policy, and patient engagement.
Previously, Ms. McGraw was the Director of the Health Privacy Project at the Center for Democracy & Technology (CDT). In this role she led efforts to develop and promote workable privacy and security protections for electronic personal health information.
Ms. McGraw’s background includes service on a number of committees established by the U.S. Department of Health and Human Services (HHS) and other workgroups to provide guidance on a wide array of health IT, privacy and security policy and business issues. She was one of three persons appointed by former HHS Secretary Kathleen Sebelius to serve on the Health Information Technology (HIT) Policy Committee, a federal advisory committee established in the American Recovery and Reinvestment Act of 2009. As a part of this committee, she serves on the Meaningful Use workgroup, chairs the Privacy and Security Tiger Team and is cochair of the Information Exchange workgroup.
Prior to CDT, Ms. McGraw was the Chief Operating Officer at the National Partnership for Women & Families. Her responsibilities included providing strategic direction and oversight for all of the organization’s core program areas, including the promotion of initiatives to improve healthcare quality. Earlier in her career, Ms. McGraw was an associate in the public policy and healthcare groups of two international law firms. She also served as Deputy Legal Counsel to the Governor of Massachusetts and taught in the Federal Legislation Clinic at the Georgetown University Law Center.
Coauthor, “Business Associate Compliance With HIPAA: Findings From a Survey of Covered Entities and Business Associates,” Funded by the California HealthCare Foundation, October 2014.
Coauthor, “Confidentiality of Health Information in PHRs and
Mobile Health Apps in California,” iHealthBeat, September 22, 2014.
Coauthor, “Engaging Patients While Addressing Their Privacy Concerns: The Experience of Project HealthDesign,” Personal and Ubiquitous Computing, August 2014.
“Ethics, Regulation, and Comparative Effectiveness Research: Time for a Change,” Journal of the American Medical Association, April 16, 2014.
“Building Public Trust in Uses of HIPAA De-Identified Data,” Journal of American Medical Informatics Association, June 2012.
“Gov't Promotes Consistent Approaches to Consumer and Health Data Privacy,” iHealthBeat, May 24, 2012.
“Paving the Regulatory Road to the ‘Learning Health Care System,’ ” Stanford Law Review, February 8, 2012.
“Time for Action on Health Privacy,” iHealthBeat, January 9, 2012.
“A Policy and Technology Framework for Using Clinical Data to Improve Quality,” Houston Journal of Health Law & Policy, 2012.
“Lack of Genuine Privacy Interest Doomed Vermont Drug Marketing Law,” iHealthBeat, July 11, 2011.
“Supreme Court Case on Rx Data Mining Requires Nuanced Understanding of Privacy,” iHealthBeat, April 19, 2011.
Admitted to practice in the District of Columbia and the Commonwealth of Massachusetts.
Chair, Privacy and Security Tiger Team; CoChair, Information Exchange Workgroup; and Member, Meaningful Use Workgroup, Health Information Technology (HIT) Policy Committee established in the American Recovery and Reinvestment Act of 2009, 2010-present.
CoChair, Confidentiality, Privacy and Security Workgroup, and Member, Personalized Health Care Workgroup, of American Health Information Community, 2006-2008.
Member, Leadership Committee, eHealth Initiative.
Member, Steering Group, Markle Foundation’s Connecting for Health, 2008-2012.
Member, Digital Health Council, World Economic Forum, 2011-present.
Member, Advisory Board, Health Data Consortium, 2012-present.
Speaker, “Meaningful ‘Re-use’ of Health Data—Confronting and Resolving the Policy and Ethical Issues,” New York eHealth Collaborative (NYeC) Digital Health Conference, New York, NY, November 17, 2014.
Speaker, “Developments and Trends in Patient Privacy,” Health Information and Management Systems Society (HIMSS) 2014 Annual Conference, Orlando, FL, February 23-27, 2014.
Speaker, “Protecting Patient Rights While Exchanging Data,” 2013 Health Data Exchange & Interoperability Summit, Washington, DC, October 30-31, 2013.
Speaker, “Evolving Security of Electronic Patient Data,” RSA Conference, San Francisco, CA, February 25 – March 1, 2013.
Speaker, Keynote Address, 21st National HIPAA Summit, Washington, DC, February 19-21, 2013.
Speaker, “eHealth: Securing Patient Records,” RSA Conference, San Francisco, CA, February 27 – March 2, 2012.
Speaker, “Protecting Patient Privacy in a Wireless, Networked World. What Are the Rules and to Whom Do They Apply?” California Healthcare Institute, La Jolla, CA, August 4, 2011.
© 2014 Manatt, Phelps & Phillips, LLP. All rights reserved.