Skip To Content
Site Search and Main Navigation Modal

Leeann Habte counsels clients on health care regulatory compliance, information privacy and security, Medicare and Medicaid reimbursement issues, and managed care operations. She represents health plans, independent practice associations, and health systems  on a broad range of legal issues.

Leeann applies her practical and legal experience to help clients find real-world business solutions to complex legal and regulatory issues.

Health Care Compliance

Leeann counsels clients on fraud and abuse compliance; Corporate Integrity Agreement implementation and compliance, Knox-Keene health plan licensing, provider credentialing; structuring provider incentives and value-based arrangements, compliance with Medi-Cal, Medicare, and Knox-Keene Act requirements, and interaction with Boards regarding compliance oversight. She counsels on CalAIM and D-SNP implementation.

Privacy and Security

A Leeann advises on security incident response, breach notification, privacy and security policies and procedures, Office for Civil Rights audits, vendor management practices, business associate agreements, website privacy policies, training, and related issues. She is highly experienced in counseling clients on the interaction of state and federal law, including laws governing behavioral health and educational data. She advises on a variety of complex issues such as consent management for sensitive data in health information exchanges, data-sharing arrangements, telemedicine, medical/mobile device privacy and security, and emerging privacy and security risks.

Reimbursement

Leeann advises clients on Medicaid and Medicare reimbursement issues, including Medi-Cal rate appeals and audits, Medicaid waiver issues, reimbursement rules, medical necessity determinations, billing issues, utilization review and bankruptcy issues. 

Managed Care Operations

Leeann provides strategic counseling to managed care entities and works with clients on provider contracting, procurement, and vendor management. She negotiates a variety of technology and delegation agreements.

Prior Experience

Prior to joining Best Best & Krieger LLP as a partner, Leeann was a senior counsel at Foley & Lardner LLP, a law firm with a nationally recognized health care practice. She also has years of practical experience, having served as an associate director at the UCLA Center for Health Policy Research and research director at the Minnesota Department of Health prior to becoming an attorney. In those positions, she led HIPAA and data security effortsand policy initiatives in a variety of areas, including .health quality, administrative simplification, charity care, and supporting safety net providers.

A native of Minnesota, Leeann obtained her master’s degree in communications from the University of Minnesota. She has worked in the health care field for more than 30 years, having begun in public relations, transitioned to health policy, and then to a legal career. She attended and ranked highly in Loyola Law School’s evening program for professionals while working full-time at UCLA. She is a devoted mother, a world traveler, and a Tai Chi practitioner.

Experience

Privacy and Security

  • Advised on Office for Civil Rights investigations regarding large breaches and ransomware, and on security risk assessments.
  • Counseled national health care system and California health care entities on health information exchange participation strategy, developed participation agreements, and privacy/security policies and negotiated  agreements.
  • Advised on integrated  data sharing arrangements and approaches and universal releases of information for health and social services data, in compliance with California and federal law.
  • Conducted numerous 50-state surveys on state minor consent laws, state law restrictions on disclosure of sensitive information, pharmacy-specific privacy requirements and related issues.
  • Assisted state health care  system to disaffiliate data systems and information, considering data ownership, contractual arrangements and compliance.

Regulatory Compliance

  • Successfully obtained a full-service health plan license for a California Medi-Cal managed care plan; routinely advise on regulatory submissions.
  • Drafted set of policies for implementing changes to Med-Cal 2024 agreement and a broad range of other compliance policies; related to health plan Medicare/Medi-Cal compliance elivered Fraud, Waste, and Abuse and HIPAA/Corporate Integrity Agreement training for California health plans, hospital medical staff bylaws, utilizaton review, and hospital informed consent policies
  • Drafted Institutional Review Board Policies for creation of new IRB, advised on clinical research agreements.
  • Assisted in internal investigations on fraud and abuse issues.
  • Advised counties on issues related to jails and correctional health services and health care.

Reimbursement

  • Counseled a health plan on successful litigation appealing health plan Medi-Cal managed care rates, represented various counties in Medi-Cal administrative appeals of mental health administrative expenses, Federally Qualified Health Center payments and related issues.
  • Successfully represented a provider on stop-loss insurance issues.
  • Advised clients on appeals of overpayment charges from Office of Inspector General, Centers for Medicare and Medicare Services, or Department of Health Care Services.
Accolades
  • Top Health Care Lawyer, Daily Journal, 2021
  • Woman of Influence: Health Care, Los Angeles Business Journal, 2021
  • ​The Best Lawyers in America®, Health Care Law, 2021–2025
Professional & Community Involvement
  • American Health Lawyers Association, Health Information Technology Practice Group, Publications Co-Chair, 2021-present
  • American Health Lawyers Association, Digital Health Affinity Group Chair, 2021
  • California Society for Health Care Attorneys
  • Health Care Compliance Association, Southern California Conference Planning Committee Member, 2021-present
  • International Association of Privacy Professionals
  • Los Angeles County Bar Association, Health Law Section Executive Committee Member, 2021-present
Thought Leadership

Publications

  • Co-author, “OCR Releases Final Rule on Reproductive Health Privacy, “ Health Law Weekly, May 3, 2024
  • “Texas Court Vacates Office for Civil Rights Guidance on Third-Party Website Tracking Technology,” American Health Law Association, July 10 2024
  • “Transitioning of Behavioral Health Data Sharing and Information Exchange: A Structured Approach to Decision Making,” Information Briefing, AHLA, April 2021
  • "Health Data Defense: Understanding Security Standards and Certifications," AHLA Connections, Oct. 2021
  • "Convener on Artificial Intelligence and Health Law: Designing a Trusted Framework for the Application of AI in Health Care," American Health Lawyers Association, Nov. 2020
  • “Transitioning of Behavioral Health Data Sharing and Information Exchange: A Structured Approach to Decision Making” AHLA Briefing, April 2021
  • "Artificial Intelligence in Health Care: Welcome to the Machine,"  AHLA Connections, June 2018
  • “Federal and State Data Privacy Laws and Their Implications for the Creation and Use of Health Information Databases,” Big Data: A Business and Legal Guide, CRC Press, 2015
  • “What is the Meaning of Meaningful Use? How to Decode the Opportunities and Risks in Health Information Technology,” Business Law News, July 13, 2015
  • “The Big Data Dilemma: Compliance for the Health Professional in an Increasingly Data-Driven World,” Journal of Healthcare Compliance, June 2015
  • “Deconstructing Cyberinsurance Coverage: Lessons From the Travelers Case,” AHLA HIT Practice Group E-alert, June 15, 2015
  • “Medicare Penalties and Bonuses for Meaningful Use of EHRs Revamped as Part of the ‘Doc Fix’ Bill,” AHLA HIT Practice Group E-alert, June 8, 2015
  • “Privacy Laws Impose Key Restrictions,” Executive Insight, April 20, 2015
  • “Tapping Into the Big Value of Health Care Big Data,” Foley White Paper, Feb. 27, 2015
  • “OIG 2015 Work Plan, Part 2: Do Fewer Projects Mean a Sharper Focus?” Compliance Today, Feb. 2, 2015.
  • “Genetic Information Privacy: A Complex Regulatory Framework,” Bloomberg BNA: Medical Research Law & Policy Report, Jan. 7, 2015
  • “Federal and State Privacy Laws: Strategies for Analysis of Big Data in Healthcare,” Healthcare Informatics, Dec.5, 2014
  • “Privacy Issues in the Sharing of Genetic Information,” Foley White Paper, Sept.18, 2014
  • “A Proactive Approach to Cloud Computing in the Health Care Industry,” AHLA Connections, June 1, 2013
  • “Minnesota AG Reaches First Settlement With Business Associate Under HITECH Act,” Bloomberg BNA's Health IT Law & Industry Report, Aug. 20, 2012
  • “HHS Imposes First Civil Penalty and Resolution Agreement Resulting from HITECH Breach Notification Rule,” Managed Care Outlook, April 15, 2012
  • “DMEPOS Supplier Marketing Arrangements and HIPAA Compliance,” Compliance Today, Sept. 1, 2011

Presentations

  • “Behavioral Health Privacy: Updates on 42 CFR Part 2 and Application to Telehealth,” American Health Lawyers Association, March 12, 2025
  • “New Developments in Behavioral Health and Reproductive Health Privacy,” Southern California Health Care Compliance Association, June 7, 2024
  • “Healthcare Privacy: Recent Updates and What to Expect in 2024,” County Counsel Association, Southern California, April 18, 2024
  • “Telemedicine Series Part I: Telehealth Today – Compliance and Reimbursement Considerations,” American Health Law Association Webinar, March 12, 2024
  • "Developments in Sensitive Health Data Privacy Regulations - What you Need to Know," Los Angeles County Bar Association Webinar, May 15, 2024
  • "Addressing Cybersecurity Risks: Best Practices to Keep Your Special District Secure," Webinar, California Special Districts Association, Oct. 6, 2022
  • "Exploring Data Breaches: What State, Local, and Private Institutions can do to Protect Themselves and the Public," California State Senate Select Committee on Cybersecurity and Identity Theft Prevention, Nov. 8, 2021
  • "Cybersecurity Risks and Cities: Strategies to Address Escalating Threats," League of California Cities Annual Conference, Sept. 23, 2021
  • "Addressing Cybersecurity Risks: Best Practices to Keep Your Special District Secure," Webinar, California Special Districts Association, May 25, 2021
  • "Designing a Trusted Framework for the Application of AI in Health Care," AHLA’s Convener on Artificial Intelligence and Health Law, Nov. 2, 2020
  • "What COVID-19 and Other Changes Mean for Your Privacy Impact Analysis," Health Care Compliance Association, May 29, 2020
  • "COVID-19 and the Mainstreaming of Telehealth," COVID-19 and the Mainstreaming of Telehealth, Los Angeles County Bar Association Healthcare Law Section, June 2, 2020
  • "Artificial Intelligence in Health Care: Welcome to the Machine," American Health Lawyers Association AI and Health Law Convener, Mar. 5, 2020
  • "Health Care Artificial Intelligence: Law, Regulation, and Policy," The Stanford Center for Continuing Medical Education Conference, Nov. 8, 2019
  • "Legal Panel: Cybersecurity, Artificial Intelligence, and Medical Devices," Artificial Intelligence in Healthcare Presentation, Maurice A. Deane School of Law at Hofstra University, Apr. 4, 2019
  • "Behavioral Health Privacy Compliance in a Changing Health Care Environment," Health Care Compliance Association Orange County Regional Compliance Conference, June 15, 2018
  • "When Ransomware Attacks — Dancing with the Devil," American Health Lawyers Association’s Physicians and Hospitals Law Institute, Feb. 6, 2018
  • "Insurance Considerations, Privacy and Cybersecurity," The Seminar Group Legal and Policy Considerations of Automated Vehicles: Balancing Innovation and Regulation Event, Sep. 15, 2017
  • “In the Trenches: OCR Audits, Data Breaches, and Cybersecurity Threats & Mitigations,” Southern California Health Care Compliance Association Conference, June 16, 2017
  • Strategies for Managing Business Associate Relations,” Southern California Health Care Compliance Association Conference, June 17, 2016
  • “How to Navigate Proposed Changes to Substance Abuse Confidentiality Regulations,” Foley Web Conf., Mar. 29, 2016
  • “Best Practices in HIPAA Security Risk Analysis,” Health Information and Management Systems Society Privacy and Security Forum, Dec. 2, 2015
  • “EHR Technology: Where Meaningful Use, Compliance, and Clinical IT Intersect,” Foley Compliance Immersion Program, Nov. 18, 2015
  • “Telehealth Data Privacy and Security: Strategies and Solutions for Providers,” Foley Web Conf., Sept.16, 2015
  • “HIPAA and Beyond: Compliance with Federal and State Privacy Laws,” Health Care Compliance Association Southern California Regional Conf., June 19, 2015
  • “How Digital Health will Enable BioPharma to be More Patient-Centered,” CalBIO Conf., Mar. 3, 2015
  • “Data Breach Prevention and Response – Managing the Risk,” Foley Web Conf., Oct. 7, 2014
  • “Protecting Patient Rights in Your ASC: What’s New in Compliance with Privacy Laws,” Ambulatory Surgical Centers Association National Conf., Apr. 19, 2013
  • “Preparing to Comply With the HITECH Final Rule,” Foley Web Conf., Mar. 19, 2013
  • “Health Care Data in the Cloud: Strategies for Contracting With Cloud Providers,” Foley Web Conf., Jan. 16, 2013
  • “Cloud Computing in Healthcare: HIPAA and State Law Challenges,” Foley Web Conf., June 7, 2012
  • “Privacy and Security in the HITECH Era,” Foley Web Conf., Dec. 16, 2011

Education & Admissions

Education
Loyola Law School
J.D.
University of Minnesota, Twin Cities
M.S.
St. Cloud State University
B.S.
Bar Admissions
California

Languages

English

Cookie Notice

By clicking “Agree,” you agree to the storing of cookies on your device to enhance website navigation, analyze website usage and assist in our marketing efforts. View our Cookie Notice here.