Daniel J. Kagan

Dan Kagan is an Associate in the Health Care, Long Term Care and Privacy and Cybersecurity Groups. He represents hospitals, physicians, nursing homes, assisted living communities, CCRCs and other health care clients with a wide range of regulatory, compliance, risk management, transactional and reimbursement issues.

As a member of the Health Care and Long Term Care groups, Dan has experience representing clients with HIPAA compliance, Stark and anti-kickback analyses, purchase and sale transactions, reviewing and drafting contracts, certificate of need requirements, rate appeals, Medicare and Medicaid audits, medical staff and credentialing matters, licensing and change of ownership proceedings.

With regard to Privacy and Cybersecurity, Dan has experience drafting privacy policies and notices, website terms of use, written information security plans and incident response plans.  Dan counsels clients on compliance issues related to state, federal and international privacy laws including the General Data Protection Regulation (GDPR).  Dan also has experience representing both health care and non-health care clients that have suffered data breaches and assists such clients with breach response and applicable reporting obligations.  Dan writes extensively on privacy and cybersecurity issues and is a co-editor of Murtha's Privacy and Cybersecurity Perspectives blog.

Prior to joining Murtha Cullina, Dan clerked for the Honorable Lubbie Harper, Jr. and the Honorable Joseph H. Pellegrino of the Connecticut Appellate Court.

Dan received his J.D. with honors from the University of Connecticut School of Law where he was a Notes and Comments Editor for the Connecticut Insurance Law Journal. He earned his Bachelor of Arts in Economics from McGill University.

• Health Care
• Long-Term Care
• Privacy and Cybersecurity

• 2019 New Leader in the Law, Connecticut Law Tribune
• Listed as Connecticut Super Lawyers® Rising Star (Super Lawyers is a registered trademark of Key Professional Media, Inc.)

• "Why Arbitration is the Preferred Dispute Resolution Vehicle for Most Integrated Delivery System Disputes” American Arbitration Association Dispute Resolution Journal, Volume 71 / No. 3., December 2016

• Connecticut Bar Association, Executive Committee, Young Lawyers Section
• Board Member, The CABO Foundation
• American Health Lawyers Association

• Law Clerk, Connecticut Appellate Court
• Legal Extern, University of Connecticut Health Center
• Legal Extern, The United States Department of Health and Human Services
• Legal Intern, Connecticut Children's Medical Center

• October 2, 2015 - Firm Expands By Adding Seven Attorneys
• August 31, 2015 - Daniel J. Kagan Joins Health Care Group

• October 8, 2019 - Health Care Group News: OCR Fines Dental Practice $10,000 For Social Media Disclosures
• September 20, 2019 - Health Care Group News: $85,000 OCR Settlement in HIPAA Patient Rights Case
• June 3, 2019 - Health Care Group News: But, I'm Just a Business Associate . . . Think Again.
• February 14, 2019 - Health Care Group News: HIPAA Enforcement In 2018 Hits All Time High
• October is National Cybersecurity Awareness Month
• January 17, 2018 - Health Care Group News: Connecticut Recognizes New Cause of Action for Breach of Patient/Physician Confidentiality
• January 3, 2018 - Health Care Group News: CMS Clarifies that Texting of Orders is Not Permitted
• December 13, 2017 - Privacy and Cybersecurity Group News: 'Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year
• September 7, 2017 - Health Care Group News: Summer Is Over ... Time For Connecticut Health Care Providers To Get Up To Speed On Recent Changes
• July 18, 2017 - Information Security & Privacy and Health Care Group News: Protecting Data: Vendors May Be Your Weakest Link
• June 28, 2017 - Health Care & Long-Term Care Group News: Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down
• June 15, 2017 - Health Care Group News: OCR Releases Checklist On What To Do Following A Cyber Attack
• May 16, 2017 - Information Security and Privacy Group News: Five Things You Can Do to Protect Your Business From a Cyber Attack
• April 25, 2017 - Health Care Group News: OCR Published Three HIPAA Settlements in Two Weeks, Signaling a Ramp Up of HIPAA Enforcement Activity
• January 30, 2017 - Information Security and Privacy Group News: Phishing Alert: Employee W-2 Information at Risk
• January 18, 2017 - Health Care Group News: OCR Releases New Clarifying Guidance In Response To Orlando Pulse Nightclub Attack
• January 5, 2017 - Health Care Group News: Texas District Court Preliminarily Enjoins Partial Enforcement of Section 1557
• November 10, 2016 - Health Care Group News: A (Temporary) Sigh of Relief for Hospital Expansion: CMS Releases Final Rule regarding Provider-Based Departments
• August 18, 2016 - Information Security and Privacy Group News: Is Your Student Information Adequately Protected?
• August 16, 2016 - Health Care Group News: Bitcoin. System Lockdown. Data Held Hostage. Ransom Demand.
• May 26, 2016 - Health Care Group News: Part Two: The Rest of SB 351 (Now Public Act 16-95)
• May 10, 2016 - Burt Cohen and Daniel Kagan featured in New England Real Estate Journal
• May 6, 2016 - Health Care Group News: Connecticut Limits Physician Non-Competition Agreements: Just one piece of SB 351
• March 31, 2016 - Information Security and Privacy Group News: Cities and Towns Being Targeted by Hackers: Connecticut Municipalities Must Follow Data Breach Laws
• March 29, 2016 - Health Care and Long-Term Care Groups News: The HIPAA Phase 2 Audits Have Arrived
• February 22, 2016 - Health Care Group News: Final Rule Regarding Return Of Medicare Overpayments Is More Favorable to Providers Than Anticipated
• December 3, 2015 - Health Care Group News: CMS Finalizes Two New Stark Exceptions and Provides Some Clarity to Others
• November 16, 2015 - Health Care Group News: Bi-Partisan Budget Act Affects New Provider-Based Facilities

• September 23, 2019 - PrivacyAndCybersecurityPerspectives.com: 100 Days from CCPA, Is Your Business Ready?
• April 8, 2019 - PrivacyAndCybersecurityPerspectives.com: “Alexa - Can You Comply with HIPAA?”
• February 28, 2019 - PrivacyAndCybersecurityPerspectives.com: Popular Children's App Music.ly Settles FTC COPPA Claims
• February 8, 2019 - PrivacyAndCybersecurityPerspectives.com: HIPAA Enforcement in 2018 Hits All Time High
• December 13, 2018 - PrivacyAndCybersecurityPerspectives.com: Another HIPAA Breach, Another 6-Figure HIPAA Settlement
• November 28, 2018 - PrivacyAndCybersecurityPerspectives.com: Six-Figure OCR Settlement for Three-Physician Practice Failing to Follow Policies
• October 26, 2018 - PrivacyAndCybersecurityPerspectives.com: Less is More: The Role of Data Retention Policies in Cybersecurity Performances
• October 12, 2018 - PrivacyAndCybersecurityPerspectives.com: The Importance of Training
• October 1, 2018 - PrivacyAndCybersecurityPerspectives.com: October is National Cybersecurity Awareness Month!
• September 25, 2018 - PrivacyAndCybersecurityPerspectives.com: California Governor Approves Revisions to Consumer Privacy Act
• September 13, 2018 - PrivacyAndCybersecurityPerspectives.com: OCR Releases Hurricane Florence Guidance Ahead of Storm
• July 25, 2018 - PrivacyAndCybersecurityPerspectives.com: Denmark Implements Email Encryption Requirement, What Countries Will Follow?
• June 22, 2018 - PrivacyAndCybersecurityPerspectives.com: ALJ Judge Upholds OCR's $4,348,000 Data Breach Penalty on Texas Hospital
• June 5, 2018 - PrivacyAndCybersecurityPerspectives.com: Connecticut Legislature Responds to Proliferation of Data Breaches
• May 1, 2018 - PrivacyAndCybersecurityPerspectives.com: Twitter Becomes the Latest Social Media Company Tangentially Linked to Cambridge Analytica
• April 3, 2018 - PrivacyAndCybersecurityPerspectives.com: Grindr Grinds Users Gears by Reportedly Sharing Users' HIV Status
• March 22, 2018 - PrivacyAndCybersecurityPerspectives.com: Facebook in Hot Water With Latest Privacy Missteps
• February 21, 2018 - PrivacyAndCybersecurityPerspectives.com: SCOTUS Denies Cert on CareFirst: No Clarity on Harm in Data Breach Cases This Session
• February 7, 2018 - PrivacyAndCybersecurityPerspectives.com: Massachusetts Launches New Online Breach Reporting Form
• January 17, 2018 - PrivacyAndCybersecurityPerspectives.com: Connecticut Recognizes New Cause of Action for Breach of Patient/Physician Confidentiality
• December 13, 2017 - PrivacyAndCybersecurityPerspectives.com: 'Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year
• July 18, 2017 - PrivacyAndCybersecurityPerspectives.com: Protecting Data: Vendors May Be Your Weakest Link
• June 28, 2017 - PrivacyAndCybersecurityPerspectives.com: Data Breaches Most Expensive for Health Care Industry But Precautionary Measures Can Keep Costs Down
• May 16, 2017 - PrivacyAndCybersecurityPerspectives.com: Five Things You Can Do to Protect Your Business From a Cyber Attack
• April 25, 2017 - PrivacyAndCybersecurityPerspectives.com: OCR Published Three HIPAA Settlements in Two Weeks, Signaling a Ramp Up of HIPAA Enforcement Activity
• December 2016 - Paul Knag and Daniel Kagan Co-Author Article for American Arbitration Dispute Resolution Journal

• October 6, 2016 - Stephanie Sobkowiak and Daniel Kagan to present “Health Care Legal Update” seminar for the Healthcare Financial Management Association and the CT Society of CPAs

• Connecticut
• Massachusetts

• University of Connecticut School of Law (J.D., with honors, 2014)
• McGill University (B.A. in Economics, 2010)