Focus
  • Attorneys
  • Services
  • About Us
  • News
  • Events & Publications
  • Careers
  • Offices
  • Diversity

Barry S. Herrin

Atlanta
T (404) 962-1027
F (404) 962-1200
vCard

Barry Herrin is a partner in the firm's Atlanta office. His practice is devoted primarily to health care and hospital law and policy, privacy law, and representation of tax-exempt organizations, with a particular emphasis in operational and governance issues, transactional matters, mergers and acquisitions, health information management issues, and compliance matters.

Mr. Herrin is a frequent lecturer on medical records confidentiality matters and counsels clients regularly on HIPAA compliance. He has particularized knowledge in several unusual health care legal matters, such as involuntary sterilization, court-ordered medical procedures, "right to die" issues, physician-assisted suicide, and restrictive covenants, among others. He also edits the firm's e-newsletter, Legal HIMformation®.

Mr. Herrin is a Fellow of the American College of Healthcare Executives, a Candidate for Fellowship in the American Health Information Management Association, and a certified wilderness first responder.


Education

  • J.D., cum laude, Georgia State University College of Law, 1990
  • B.A., summa cum laude, with distinction, Georgia State University, 1987

Admissions

  • Georgia, 1990
  • North Carolina, 2005
  • Florida, 2008
  • United States Supreme Court
  • United States Court of Military Appeals
  • United States Tax Court
  • United States District Court, Middle District of Florida
  • United States District Court, Northern District of Georgia
  • United States District Court, Middle District of Georgia

Achievements

  • Martindale-Hubbell's top ("AV") Peer Review Rating *
  • Recognized by Chambers and Partners, USA, as one of Georgia Leaders, Healthcare (2009-2013)
  • American College of Healthcare Executives Senior-Level Healthcare Executive Regent's Award (2012)
  • American College of Healthcare Executives Distinguished Service Award (2011)
  • American Health Information Management Association, Certified in Healthcare Privacy and Security (CHPS) (2010)
  • North Carolina Health Information Management Association Honorary Member (2010)
  • American College of Healthcare Executives Service Award (2008)
  • Fellow of the American College of Healthcare Executives (FACHE) (2007)
  • Smith Moore Leatherwood LLP "Good Egg" (2004)
  • Georgia Health Information Management Association Champion Award (2004)
  • Nominee, American Health Information Management Association Triumph Award (2004)
  • James E. West Fellowship, Alapaha Area Council Boy Scouts of America (2002)
  • Claude M. Scarborough, Jr. Pro Bono Award, 1999
  • U.S. Air Force Auxiliary (Civil Air Patrol) Lifesaving Medal (1998)
  • Silver Beaver Award, Atlanta Area Council Boy Scouts of America (1996)
  • Georgia Defense Humanitarian Service Award (1994)

* CV, BV, and AV are registered certification marks of Reed Elsevier Properties Inc., used in accordance with the Martindale-Hubbell certification procedure's standards and policies.

Professional Memberships

  • American Bar Association, Health Law Section, Vice-Chair, Membership Committee (2008-2011)
  • The Florida Bar, Health Law Section
  • State Bar of Georgia, Health Law Section
  • North Carolina Bar Association, Health Law Section
  • American Health Lawyers Association
  • Florida Academy of Healthcare Attorneys
  • Georgia Academy of Healthcare Attorneys
  • North Carolina Society of Health Care Attorneys
  • American College of Healthcare Executives, Diplomate (2004); National Book of the Year Committee (2006–2009); Fellow (2007)
  • Georgia Association of Healthcare Executives, Chair, Bylaws Committee (2007-Present); Chair, Finance Committee (2007-2009); Chair, Sponsorship Committee (2009-Present); Board of Directors 
  • International Association of Privacy Professionals
  • Healthcare Information and Management Systems Society
  • American Health Information Management Association, Privacy and Security Practice Council Member (2004-2006); Action Community for e-HIM Excellence (2007-present); Candidate for Fellowship (2007); Certified in Healthcare Privacy and Security (CHPS) (2010); EHR Practice Council Member (2011-Present) 
  • Georgia Health Information Management Association, Member, Release of Information Certificate Development Committee (2007-2009); Legislative Committee Co-Chair (2009-2010); Board of Directors (2010-2011)
  • The Sedona Conference®, Member, Working Group 1 on Electronic Document Retention and Production
  • Editorial Advisory Boards, HIPAA Training Alert and Health Information Compliance Alert
  • Southern Claims Conference, Chair (2002-2003); Executive Committee (2000-2003); Faculty (1995-2003)
  • Leadership Board, Georgia State University College of Law Graduate Health Law Network (2000-2004)

Civic and Community Service

  • Life Member, National Eagle Scout Association
  • International Representative, Boy Scouts of America, Atlanta Area Council
  • JROTC Awards Coordinator, Sons of the American Revolution, Piedmont Chapter
  • Colonel, United States Air Force Auxiliary (Civil Air Patrol), Chief of the Legal Officer Corps 
  • Certified Lay Speaker, North Georgia Conference, United Methodist Church
  • Certified Wilderness First Responder
  • Advanced Open Water Diver

Publications

  • "Long Distance Records: Requesting and Managing the Records of Foreign Nationals," Journal of AHIMA, April 2012
  • "Communicating Through the EHR," Journal of AHIMA, February 2012
  • Co-Author, Georgia Hospital Law Manual, Consents and Advance Directives Section (1997, 2005 and 2011 eds.)
  • Author and Co-Author, Georgia Health Information Management Association Legal Manual (2002, 2006 and 2011 rev. eds.)
  • Co-Author, "Hospitals and Their Local Communities - A Beneficial and Necessary Partnership," SML Perspectives, Volume Three, 2011
  • Co-Author, "Non-Profit Health Care Organizations and Joint Real Estate Ventures - The Pitfalls of Choosing a Business Entity," SML Perspectives, Volume One, 2011
  • "Cybersecurity Insurance: Considering Coverage for Data Breaches," Journal of AHIMA, January 2011
  • "Why Can't We Be "Friends"? Online Interactions Between Patients and Health Care Providers," SML Perspectives, December 2010
  • Co-Author, "A Snapshot of Patient Privacy - Why New Camera Technologies Present a Challenge for Health Care Facilities," SML Perspectives, December 2010 
  • "Breaches of Unsecured PHI after HITECH: A Suggested Framework for Investigation," 2010 University of Florida Risk Rx, Vol. 7, No. 3, July-September 2010
  • "PHI Faux Pas: Social Media And The Unauthorized Disclosure Of PHI" – American Health Lawyers Association's Health Lawyers Weekly, Vol. VIII, Issue 17, April 30, 2010
  • "Breaches of Unsecured PHI after HITECH: A Suggested Framework for Investigation," Florida Society for Hospital Risk Management and Patient Safety Risk Review, March 12, 2010
  • "County Governments and the FCC's 'Red Flag' Regulation," Georgia County Government, July 2009
  • "Release of Information on Deceased Patients," Journal of AHIMA, January 2009
  • "Professional Practice Solutions:  Releasing Records from Other Providers," Journal of AHIMA, November/December 2008
  • "Healthcare Leadership Lessons from the Military," Atlanta Hospital News, November 2008
  • "Outsourcing HIM Functions to Europe:  A Perilous Atlantic Crossing", Journal of AHIMA, September 2008
  • Editor and Co-Author, South Carolina Health Information Management Association Legal Manual (2007 rev. ed.)
  • "Identity Proofing - Just a Fancy Name for Verification?" - Journal of the American Health Information Management Association, May 2007
  • "Security Rule Blues – The Compliance Deadline Has Passed – Now What?" – Physicians Practice, May 2005
  • "Informed Consent, It's Not Just a Piece of Paper" – Physicians Practice, April 2005
  • "Pay For Performance: The Case For Quality As An Integrating And Incentivizing Factor" – Health Lawyers News, February 2004
  • "Practical Considerations of HIPAA Privacy Rules: Dispelling the Myths, Raising Awareness" – Clinician News Magazine, January/February 2003
  • "Tales from the Dark Side: Real Privacy Nightmares from HIPAA Assessment Engagements" – American Health Lawyers Association's Hospitals and Health Systems Rx, Vol. 4, Issue 2 (Winter 2002)
  • Legal Advisory Regarding New Georgia Hospital Licensure Regulation, Georgia Hospital Association GHA Regulatoryline, December 20, 2002
  • "Health Information Privacy: A New Burden for Self-Insured Employers," Health Care Buyer Magazine, December 2002/January 2003
  • "Advance Directives: Who's In Control?", North Carolina Lawyers Weekly, November 25, 2002
  • "Georgia's New 'Survivor' Rule - Winning the 'Immunity' Challenge," Greater Atlanta Health Information Management Association News, November 2002

Presentations and Speaking Engagements

  • "Clinical Documentation Improvement as a Response to Federal Recoupment Strategies," Association of Clinical Documentation Improvement Specialists Annual Meeting, May 2012 in San Diego, California
  • "Data Integrity and the Official Patient Record: Destination or Journey?", American Health Information Management Association Legal EHR Symposium, Chicago, Illinois, August 2011
  • "Legal Issues in Implementation of an Electronic Health Record," Arizona Health Information Management Association Annual Meeting, Phoenix, Arizona, June 2011
  • "The Path to EHR Implementation: Strategies for Success," Northeast Florida Chapter of the American College of Healthcare Executives, Pensacola, Florida, May 2011
  • "Walking the Social Media Tightrope: Understanding the Risks that Surround Social Media," Association for Home and Hospice Care of North Carolina, Durham, North Carolina, May 2011
  • "Investigating Breaches of Protected Health Information Under HITECH," Georgia Hospital Association Compliance Officers Roundtable, Barnsley Gardens, Georgia, March 2011
  • "Legal Issues in Healthcare," Georgia Chapter of the American College of Healthcare Executives, Atlanta, Georgia, December 2010
  • "Legal Issues," Northeast Florida Chapter of the American College of Healthcare Executives, The Mayo Clinic, Jacksonville, Florida, September 2010
  • "Federal and State Compliance Issues," Georgia Chapter of the American Society of Clinical Oncology, Atlanta, Georgia, September 2010
  • "Investigating Breaches of Protected Health Information Under HITECH," Tennessee Health Information Management Association Annual Meeting, Chattanooga, Tennessee, April 2010
  • "The Legal Electronic Health Record: Beyond Definition," Metropolitan Chicago Healthcare Council, October 2009
  • "Managed Care Contracting: Maximizing Reimbursement and Contract Compliance," Georgia Society of Managed Care Annual Meeting, Young Harris, Georgia, October 2009
  • "HITECH: The Economic Stimulus Package and Its Impact on HIPAA," The Florida Bar Health Law Section’s Fundamentals of Florida Healthcare Law, Orlando, Florida, September 2009
  • "Managing External Health Information," Lorman Education Services National Teleseminar, July 2009
  • "Going Out of Network: Pitfalls and Opportunities," Multistate Hospital Managed Care Conference, Savannah, Georgia, April 2009
  • "Legal Issues Regarding the Electronic Health Record," Scottsdale Institute, October 2008
  • "E-Discovery Hot Topics," American Health Information Management Association Annual Meeting, Seattle, Washington, October 2008
  • "The Legal EHR:  Beyond Definition," American Health Information Management Association Legal EHR Conference, Chicago, Illinois, August 2008
  • "Defining the Legal Electronic Health Record: Much Ado About Nothing?", North Carolina Health Information Management Association Annual Meeting, Asheville, North Carolina, May 2008
  • "Everything I Need to Know About Leadership I Learned in the Boy Scouts," American Health Information Management Association AOE Symposium, Chicago, Illinois, July 2007
  • "Practical and Legal Considerations of the Interoperable Electronic Health Record," Florida Health Information Management Association Annual Meeting, Orlando, Florida, June 2007 
  • "Issues Surrounding Defining the Legal Electronic Health Record," American Health Information Management Association Legal EHR Symposium, Chicago, Illinois, June 2007
  • "State and Federal Compliance Matters," American Academy of Medical Management, Atlanta, Georgia, April 2007
  • "Moving Health Information in an Emergency," National Emergency Management Summit, New Orleans, Louisiana, March 2007
  • "Disaster Response and Business Continuity: Lessons from Hurricane Katrina," American Health Information Management Association Annual Conference, Denver, Colorado, October 2006
  • "HIPAA Privacy: A Three Year Look Back," Thirteenth National HIPAA Summit, Washington DC, September 2006
  • "Teaching Legal and Ethical Aspects in the Age of the EHR – HIM 'At The Movies'," American Health Information Management Association AOE Symposium, Nashville, Tennessee, June 2006
  • "Practical and Legal Considerations in Establishing a Personal Health Record," California Health Information Association Annual Meeting, Rancho Mirage, California, June 2006
  • "HIPAA Privacy: Tales from the Dark Side," Arkansas Health Information Management Association Annual Meeting, Hot Springs, Arkansas, May 2006
  • "Practical and Legal Considerations in Establishing an Electronic Health Record," Twelfth National HIPAA Summit, Washington DC, April 2006
  • "Planning for Pandemonium: Preparing for Pandemic Flu and Other Disasters – Part V: Health Information Issues," American Health Lawyers Association, National Audio Seminar, February 2006
  • "Practical and Legal Considerations in Establishing a Personal Health Record and the Role of the Personal Health Information Manager," American Health Information Management Association Annual Conference, San Diego, California, October 2005
  • "Pay for Performance: Using Quality as Your Benchmarking Standard," Professional Association of Health Care Office Managers Annual Meeting, Louisville, Kentucky, September 2005
  • "Impacts of Pay for Performance in the Self-Funded Arena," Georgia Chapter of the Healthcare Financial Management Association, Annual Summer Meeting, Hilton Head, South Carolina, July 2005
  • "State and Federal Audits," Medical Association of Georgia, Law and the Physician Symposium, Amelia Island, Florida, July 2005
  • "Teaching HIPAA Compliance: Tales from the Dark Side," American Health Information Management Association AOE Symposium, St. Louis, Missouri, June 2005
  • "Solutions to Sticky HIPAA Issues," American Health Information Management Association National Audio Seminar, April 2005
  • "HIPAA Security Risk Analysis: The Health Plan and Provider Perspective," Workgroup for Electronic Data Interchange Fall 2004 Conference, Atlanta, Georgia, November 2004
  • "Release of Information: Cutting Through the Frustration," Institute for Continuing Legal Education in Georgia, 20th Annual Medical Malpractice Institute, Amelia Island, Florida, November 2004
  • "Corporate Compliance – Or Corporate Complacency?" North Carolina Chapter of the American Society of Healthcare Risk Managers, Greensboro, North Carolina, November 2004
  • Guest Lecturer, Darton College Health Information Technology Program, Albany, Georgia, October 2004
  • "Pay for Performance: How Quality Can Help You Integrate With Physicians in Managed Care," Dixon Hughes Healthcare Financial Strategies Conference, Charleston, South Carolina, May 2004
  • "Privacy Nightmares and Practical Solutions," American Health Lawyers Association Technology and Health Law Forum, San Francisco, California, October 2003
  • "The New Georgia Hospital Licensure Rules," Georgia Academy of Healthcare Attorneys Annual Meeting, Atlanta, Georgia, May 2003
  • "Tales From the Dark Side: Real Privacy Nightmares from HIPAA Assessments," Sixth National HIPAA Summit, Washington, DC, March 2003
  • "Advance Directives and Physician Assisted Suicide," Rockdale Hospital and Health System Medical Staff Grand Rounds, Conyers, Georgia, January 2003
  • "HIPAA Compliance for Third Party Administrators and Self-Funded Health Plans," North American Group Underwriters Association Winter Meeting, Denver, Colorado, November 2002
  • "HIPAA Requirements for Hospital Chaplains and Volunteers," Georgia Society of Healthcare Chaplains Annual Meeting, St. Simons Island, Georgia, September 2002
  • "HIPAA: Is It Out of Control?" 24th Annual Health Law Forum, East Carolina University Brody School of Medicine, Greenville, North Carolina, September 2002
  • "Legal Implications of HIPAA," Crisp Hughes Evans Facility Management Conference, Charleston, South Carolina, May 2002
  • "HIPAA Obligations of Insurers and Third Party Administrators," Southern Claims Conference, Orlando, Florida, April 2002
  • "HIPAA for Insurers: An Overview," Southern Claims Conference, Memphis, Tennessee, April 2001
  • "Medical Records in Litigation," Roswell Volunteer Fire & Rescue Department, Roswell, Georgia, July 2000
  • "Medical Records in Litigation," Georgia District III EMS Directors Meeting, Marietta, Georgia, June 2000
  • "Healthspeak: The New Vocabulary of Health Care Reform," Southern Claims Conference, Panama City Beach, Florida, June 1998