Heather B. Deixler

San Francisco
  • 505 Montgomery Street
  • Suite 2000
  • San Francisco, CA 94111-6538
  • USA

Heather Deixler is a corporate counsel in the San Francisco office of Latham & Watkins.

Ms. Deixler counsels public and private companies operating in the healthcare and life sciences industries on transactional and regulatory matters.

She advises hospitals, physician organizations, as well as digital health, pharmaceutical, and medical device companies on:

  • Privacy and security
  • Physician self-referral (i.e., the federal Stark law and its state counterparts)
  • Fraud and abuse

Ms. Deixler advises clients on innovative healthcare delivery systems including Medicare Accountable Care Organizations, clinically integrated networks, and IPAs, and other value-based payment programs.

Ms. Deixler is a Certified Information Privacy Professional (CIPP/US and CIPP/E) with a particular focus on health information privacy and security, including compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), and federal and state privacy and information security laws. She works with clients to develop and implement compliance programs and respond to security breaches, advises on regulatory compliance matters related to healthcare privacy and security including online privacy policies and terms of service, and counsels on such issues in healthcare transactions. 

Ms. Deixler also counsels companies outside of the healthcare industry on general privacy and security matters, including online privacy and mobile app issues.

Ms. Deixler is Chair of the ABA Health Law Section eHealth, Privacy & Security Interest Group, and Vice-Chair of the American Health Lawyers Association (AHLA) Health Information & Technology (HIT) Practice Group's Educational Programs of the HIT - Tech Licensing and Intellectual Property Affinity Group. She previously served as an Adjunct Professor in the Health Law LLM program at the University of Washington School of Law. Prior to attending law school she worked as a research technician in a neurophysiology laboratory in Dijon, France, and as a clinical research assistant at the Beth Israel Deaconess Medical Center in Boston.

Speaking Engagements
  • "Those Pesky Residents: Data Security and New Applications" with Iliana Peters, AHLA Physicians and Hospitals Law Institute, San Antonio, Texas (Feb. 4, 2019)
  • "Mobile Devices, Cloud Computing - The New Frontier In Health Information Technology," ABA eHealth, Privacy & Security Panel Presentation at the ABA Emerging Issues in Healthcare Law Conference (March 10, 2017)
  • "Beware of Ransomware: Is Your Organization Ready?" ABA Webinar with Winston Krone, Kivu Consulting, Inc. (Dec. 6, 2016)
  • "Privacy Risk Management for Law Firms," Panelist for TRUSTe Privacy Risk Summit (June 8, 2016)
  • "Recent Developments in Privacy and Data Security Law," 88th Annual Meeting of The State Bar of California (Oct. 8-11, 2015)
  • “Security as a Service, How to Keep Your Customers from Becoming the Next Target,” Panelist for ViaWest Webinar (Jan. 21, 2015)
  • “HIPAA Business Associates and Health-Care Big Data: Big Promise, Little Guidance,” BNA Privacy and Security Law Report, 13 PVLR 283 (Feb. 17, 2014)
  • “Final HIPAA Omnibus Rule Brings Sweeping Changes to Health Care Privacy Law: HIPAA Privacy and Security Obligations Extended to Business Associates and Subcontractors,” BNA Privacy and Security Law Report, 12 PVLR 168 (Feb. 4, 2013)
Notice: We appreciate your interest in Latham & Watkins. If your inquiry relates to a legal matter and you are not already a current client of the firm, please do not transmit any confidential information to us. Before taking on a representation, we must determine whether we are in a position to assist you and agree on the terms and conditions of engagement with you. Until we have completed such steps, we will not be deemed to have a lawyer-client relationship with you, and will have no duty to keep confidential the information we receive from you. Thank you for your understanding.