Craig A. Robinson

He | Him | His

Associate

Houston
T +1.713.646.1365
F +1.713.751.1717

Overview

Craig Robinson leverages his experience as the patient privacy program manager for a large healthcare system as he leads healthcare clients through responses to data breach incidents. When an event occurs, he works with a client to develop a solution that is specifically tailored to the client's organization. Craig leads the post-event analysis and response and directs any forensic investigation. He also helps clients satisfy any notification duties and respond to regulatory inquiries.

Craig advises clients on the interpretation of applicable state, federal and international data privacy laws. He views incidents from all angles to recommend the best course of action.

Select Experience

  • Led a healthcare system’s patient-privacy team regarding the development, implementation, coordination and maintenance of the patient-privacy program.
  • Advised internal stakeholders regarding how to structure programs and projects to comply with patient privacy laws and regulations.
  • Drafted and updated patient privacy policies and forms and negotiated Business Associate Agreements, Data Use Agreements and contractual provisions involving patient-privacy.
More »

Experience

  • Led a healthcare system’s patient-privacy team regarding the development, implementation, coordination and maintenance of the patient-privacy program.
  • Advised internal stakeholders regarding how to structure programs and projects to comply with patient privacy laws and regulations.
  • Drafted and updated patient privacy policies and forms and negotiated Business Associate Agreements, Data Use Agreements and contractual provisions involving patient-privacy.
  • Led complex and high-risk patient privacy investigations.
  • Responded to inquiries from the Office for Civil Rights (OCR), plus reported HIPAA breaches to the OCR, media, the Texas Attorney General’s Office and affected patients.
  • Maintained working knowledge of law relating to data confidentiality and patient rights, including but not limited to, the HIPAA Privacy Rule, HIPAA Security Rule, GDPR, Part 2, 21st Century Cures Act (information blocking prohibition and exceptions), Texas Health & Safety Code Chapters 81, 181, 241, 313, 521 and 611.
  • Reported privacy breaches and responded to data requests from the federal government.
  • Conducted HIPAA risk assessments.
  • Analyzed internal programs for compliance with patient-privacy laws and regulations.

Recognitions and Memberships

Recognitions

  • Hometown Hero Award
  • Armed Forces Expeditionary Medal
  • Iraqi Campaign Medal
  • Humanitarian Service Medal

Memberships

  • Texas Bar Association

Pro Bono

  • Successfully obtained an order of non-disclosure prohibiting disclosure of an individual's criminal offense under Chapter 411 of the Texas Government Code.

Prior Positions

  • Harris Health System
    • Patient Privacy Program Manager (2019 to 2022)
    • Compliance Analyst (2016 to 2019)
  • The Honorable Frances H. Stacy, U.S. District Court for the Southern District of Texas: Judicial Intern (2014)

Military Service

  • U.S. Air Force National Guard: Staff Sergeant (2003 to 2015)

Admissions

  • Texas

Education

  • LL.M., Health Law, University of Houston Law Center, 2019
  • J.D., University of Houston Law Center, 2016; Houston Journal of International Law, Editor
  • B.A., Texas State University, 2013, summa cum laude