Mark J. Swearingen

About Mark

Mark Swearingen has practiced in the area of health information privacy and security for over 20 years, with particular focus on HIPAA compliance, data breach response, government investigations, HIPAA audits and 42 C.F.R. Part 2. Since the HIPAA Breach Notification Rule was issued in 2009, Mark has handled a substantial number of health care data breaches, including cases involving ransomware, email phishing, lost/stolen devices, insider threats and medical devices. He regularly guides clients through government investigations of privacy and security incidents and has successfully negotiated resolutions and settlements with both federal and state agencies. Mark also advises clients on issues relating to emerging technologies, such as telemedicine, medical apps and artificial intelligence.

Mark understands the complexities of health care privacy and security as well as the various challenges that health care organizations face with these issues. He has worked with a broad spectrum of organizations, including health systems, hospitals, physician practices, health plans, governments, technology companies and business associates and uses his experience to help clients develop and implement a privacy and security program that is specifically tailored to the particular structure, operation and mission of the client.

Mark speaks and writes frequently, both regionally and nationally, on health care privacy and security matters. Since 2006, he has been a Board member of the Indiana Security and Privacy Network (InSPN), a volunteer, non-profit organization that provides a forum for health care organizations to collaborate on security and privacy best practices.

Mark lives out in the country with his wife and three sons. Mark has been playing drums since the age of 10 and enjoys playing and listening to any type of music with a funky beat or complex rhythm.