Brandon C. Ge

Overview

Brandon C. Ge is a counsel in Crowell & Moring’s Washington, D.C. office, where he is a member of the firm’s Privacy and Cybersecurity and Health Care groups.

Brandon advises clients on a wide range of privacy and cybersecurity laws, regulations, and standards. His practice has a particular focus on advising clients – from start-up digital health companies to large health plans – on all aspects of compliance with the Health Insurance Portability and Accountability Act (HIPAA). Brandon regularly assists clients with responding to security incidents and has successfully represented clients in Office for Civil Rights investigations.

In addition, Brandon counsels clients on a variety of other privacy and cybersecurity issues, including the General Data Protection Regulation (GDPR), the Telephone Consumer Protection Act (TCPA), and 42 CFR Part 2. Brandon has extensive experience conducting technical security evaluations of both clients and their prospective vendors. He also frequently works with companies across a variety of industries to incorporate privacy and security by design based on guidance from the FTC, state attorneys general, and NIST.

Brandon was recognized as "Ones to Watch" for Health Care Law in the 2023 edition of The Best Lawyers in America.

During law school, Brandon was a Harlan Fiske Stone Scholar and served as an articles editor of the Columbia Science and Technology Law Review. Prior to law school, Brandon worked at a biotechnology company and volunteered at the emergency department of a not-for-profit hospital in Maryland.

Career & Education

|

University of Maryland, College Park, B.A., 2007
Columbia Law School, J.D., Harlan Fiske Stone Scholar, 2012
- University of Maryland, College Park, B.A., 2007
- Columbia Law School, J.D., Harlan Fiske Stone Scholar, 2012
District of Columbia
Maryland
- District of Columbia
- Maryland

Brandon's Insights

Client Alert | 11 min read | 01.10.25

OCR Issues Notice of Proposed Rulemaking to Modernize the HIPAA Security Rule and Strengthen Protections for Health Information

On January 6, 2025, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) published a notice of proposed rulemaking (the “NPRM”) entitled HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information. In light of evolving technologies and cybersecurity threats, the NPRM aims to modernize security regulations implementing the Health Insurance Portability and Accountability Act security standards (the “HIPAA Security Rule”) and strengthen protections for the confidentiality, integrity, and availability of electronic protected health information (“ePHI”). In particular, OCR is considering modifications to the HIPAA Security Rule to address:...

Firm News | 8 min read | 08.15.24
The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year
Client Alert | 29 min read | 07.02.24
Crowell Health Solutions Update: Key Developments in AI and Digital Health Signal Growing Federal Activity (Q2 2024)
Client Alert | 11 min read | 05.17.24
FTC Finalizes Modifications to Broaden the Applicability of the Health Breach Notification Rule

View All Insights

Recognition

The Best Lawyers in America: “Ones to Watch": Health Care Law, 2023-2024; Privacy and Data Security, 2024

Brandon's Insights

Client Alert | 11 min read | 01.10.25

OCR Issues Notice of Proposed Rulemaking to Modernize the HIPAA Security Rule and Strengthen Protections for Health Information

On January 6, 2025, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) published a notice of proposed rulemaking (the “NPRM”) entitled HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information. In light of evolving technologies and cybersecurity threats, the NPRM aims to modernize security regulations implementing the Health Insurance Portability and Accountability Act security standards (the “HIPAA Security Rule”) and strengthen protections for the confidentiality, integrity, and availability of electronic protected health information (“ePHI”). In particular, OCR is considering modifications to the HIPAA Security Rule to address:...

Firm News | 8 min read | 08.15.24
The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year
Client Alert | 29 min read | 07.02.24
Crowell Health Solutions Update: Key Developments in AI and Digital Health Signal Growing Federal Activity (Q2 2024)
Client Alert | 11 min read | 05.17.24
FTC Finalizes Modifications to Broaden the Applicability of the Health Breach Notification Rule

View All Insights

Insights

Client Alert | 11 min read | 01.10.25

OCR Issues Notice of Proposed Rulemaking to Modernize the HIPAA Security Rule and Strengthen Protections for Health Information

Firm News | 8 min read | 08.15.24

The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year

Client Alert | 29 min read | 07.02.24

Crowell Health Solutions Update: Key Developments in AI and Digital Health Signal Growing Federal Activity (Q2 2024)

Client Alert | 11 min read | 05.17.24

FTC Finalizes Modifications to Broaden the Applicability of the Health Breach Notification Rule

|

Health Care Privacy: Closing the Gaps in HIPAA Regulation
|
05.14.24
Privacy and Cybersecurity Outlook: The 2024 Landscape
Scope Of FTC's Health Info Enforcement May Expand
|
06.30.23
Law360
International: GDPR v. HIPAA - Comparing and contrasting two important data protection regimes
|
05.03.23
OneTrust DataGuidance
2 Privacy Rulings Highlight Browsewrap Agreement Risks
|
03.08.23
Ninth Circuit Rejects Facebook's Article III Argument: Biometric Lawsuit Will Proceed
|
12.01.19
9th Circ.'s Expansive Standard For Standing In Breach Case
|
04.06.18
Law360
Task Force Reports Hopes To Galvanize Cybersecurity Efforts In The Health Care Industry
|
07.25.17
Westlaw
OCR Issues Notice of Proposed Rulemaking to Modernize the HIPAA Security Rule and Strengthen Protections for Health Information
|
01.10.25
Crowell Health Solutions Update: Key Developments in AI and Digital Health Signal Growing Federal Activity (Q2 2024)
|
07.02.24
FTC Finalizes Modifications to Broaden the Applicability of the Health Breach Notification Rule
|
05.17.24
OCR Finalizes HIPAA Modifications to Strengthen Reproductive Health Care Privacy
|
05.03.24
HHS Finalizes Significant Modifications Aligning Part 2 Regulations with HIPAA
|
03.13.24
FTC Proposes Modifications to Strengthen COPPA Regulations
|
02.13.24
FTC Proposes Modifications to the Health Breach Notification Rule to Clarify Its Scope
|
06.06.23
Washington Enacts My Health My Data Act to Strengthen Protections for Health Data
|
05.23.23
OCR Proposes HIPAA Amendments to Strengthen Reproductive Health Care Privacy
|
04.26.23
FTC Enforcement Against Sharing Consumer Health Information Continues
|
03.08.23
"Approaches for Digital Health Organizations and Accountable Care Organizations to Develop Strong Compliance Programs," Crowell & Moring Webinar, 2023.
|
10.03.23
“How Rapidly Changing Data Policy Is Impacting Digital Health Innovation,” Healthcare Ounce of Prevention Seminar (HOOPS) 2023–Navigating the Rapid Developments in Health Care.
|
03.16.23
"Health Information Privacy, Interoperability, and Patient Access to Data: Compliance and Opportunities Regarding Data Use and Data Protections," Healthcare Ounce of Prevention Seminar (HOOPS) 2021: Health Care in the Biden Era
|
02.25.21
"HIPAA Update," Silicon Valley Association of General Counsel 31st Annual All Hands Meeting, Santa Clara, CA
|
11.19.19
"Balancing Data Access with Privacy and Security – HHS' Proposed Information Blocking Rules," Healthcare Innovation Webinar
|
10.03.19
The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year
|
08.15.24
The Best Lawyers in America 2024 Recognizes 47 Crowell & Moring Attorneys, Two Selected as Lawyer of the Year
|
08.17.23
The Best Lawyers in America 2023 Recognizes 54 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year
|
08.18.22
Crowell & Moring Advises Amazon in its $3.9 Billion Acquisition of One Medical
|
07.22.22
Crowell & Moring Elects Eight New Partners and Promotes Seven to Senior Counsel and 26 to Counsel Positions
|
01.02.20
CMS Issues Guidance on HIPAA-Compliant Secure Texting Platforms
|
04.03.24
Crowell Health Solution’s Trends in Transformation
OCR Takes Enforcement Action for Phishing Attack
|
12.12.23
Crowell & Moring’s Health Law Blog
OCR Issues Guidance to Providers and Patients on Telehealth Privacy and Security
|
10.25.23
Crowell & Moring’s Health Law Blog
FTC Continues to Enforce Against Data Practices of Healthcare Apps
|
05.26.23
Crowell Health Solution’s Trends in Transformation
FTC Announces Enforcement Action Against Ovulation Tracking App Premom
|
05.24.23
Crowell & Moring’s Health Law Blog
Increased Cyber Risk for Health Care Organizations Due to the Russia-Ukraine Conflict
|
03.04.22
Crowell & Moring’s Health Law Blog
OCR Announces First Enforcement Action Under Its Right to Access Initiative
|
09.11.19
Crowell & Moring's Health Law Blog
New Proposed Rules on Confidentiality of Substance Use Disorder Data Would Address Care Coordination and Law Enforcement Challenges
|
08.28.19
Crowell & Moring's Health Law Blog
Privacy & Cybersecurity – New York Enacts the SHIELD Act
|
08.20.19
Crowell & Moring's International Trade Law
FDA Issues New Guidance for the Management of Cybersecurity in Medical Devices
|
10.19.18
Crowell & Moring's Health Law Blog

View All Insights

Practices

Brandon's Insights

Client Alert | 11 min read | 01.10.25

OCR Issues Notice of Proposed Rulemaking to Modernize the HIPAA Security Rule and Strengthen Protections for Health Information

On January 6, 2025, the Department of Health and Human Services’ Office for Civil Rights (“OCR”) published a notice of proposed rulemaking (the “NPRM”) entitled HIPAA Security Rule To Strengthen the Cybersecurity of Electronic Protected Health Information. In light of evolving technologies and cybersecurity threats, the NPRM aims to modernize security regulations implementing the Health Insurance Portability and Accountability Act security standards (the “HIPAA Security Rule”) and strengthen protections for the confidentiality, integrity, and availability of electronic protected health information (“ePHI”). In particular, OCR is considering modifications to the HIPAA Security Rule to address:...

Firm News | 8 min read | 08.15.24
The Best Lawyers in America 2025 Recognizes 42 Crowell & Moring Attorneys, Three Selected as Lawyer of the Year
Client Alert | 29 min read | 07.02.24
Crowell Health Solutions Update: Key Developments in AI and Digital Health Signal Growing Federal Activity (Q2 2024)
Client Alert | 11 min read | 05.17.24
FTC Finalizes Modifications to Broaden the Applicability of the Health Breach Notification Rule

View All Insights

Brandon C. Ge

Overview

Overview

Career & Education

Education

Admissions

Brandon's Insights

Recognition

Brandon's Insights

Insights

Publications

Client Alerts

Speaking Engagements

Firm News

Blog Posts

Practices

Brandon's Insights