Cozen O’Connor: Blaney, Ryan

Ryan P. Blaney

Chair, Privacy & Data Security

Washington, D.C.

(202) 463-2528

(202) 861-1905

Recent News:

Quest, Labcorp Breach Highlights Limits of HIPAA's Vendor Oversight

Ryan Blaney discussed with Legal Tech News Quest and Labcorp's recent data breach and where the responsibility falls.

Ryan represents health care and life sciences clients in a wide range of litigation, regulatory, and transactional matters, but has particular experience in the areas of privacy law compliance and health care fraud litigation. 

In his regulatory and transactional practice, Ryan serves public and private health care companies, academic medical centers, health systems, hospitals and physician organizations, manufacturers, medical devices, information technology, and health plans. Major corporations rely on him to design institution-wide strategies for HIPAA compliance, draft privacy policies, lead implementation and workforce trainings, and manage breach responses.

In the area of data privacy and information security, he has advised clients of their legal notice and compliance responsibilities stemming from data breaches and has represented them before state attorneys general in connection with these incidents. Ryan also serves as a member of the U.S. Chamber of Commerce Privacy Principles Working Group, and participated in the drafting of the U.S. Chamber's recommended guidelines and proposed national privacy law. 

He frequently counsels providers on reimbursement matters, marketing, and sales activities, and federal and state compliance mandates. In addition, Ryan guides venture capital groups, private equity funds, investment banks, and other investors on health care regulatory issues in connection with financing, mergers and acquisitions, and restructuring. 

Ryan has substantial experience in pharmaceutical lifecycle management and competition issues, including the Hatch-Waxman Act and Biosimilars Price Competition and Innovations Act. He is adept at navigating the FDA's complex administrative processes and structure, including the FDA's dispute resolution and Citizen Petition processes.

Moreover, Ryan has significant litigation experience representing pharmaceutical companies in Hatch-Waxman litigation, responding to agency enforcement activities and conducting internal investigations regarding compliance with FDA legal and regulatory requirements. Ryan also represents clients in health care antitrust investigations before the Federal Trade Commission, class action antitrust litigations, and fraud and abuse cases, including False Claims Act qui tam and whistleblower disputes. He guides clients through the initial response to whistleblower claims, helping them avoid retaliation landmines and positioning them for a quick resolution. Ryan conducts sensitive internal investigations and responds to government-led inquiries or investigations.

Ryan’s work is greatly informed by his experience as a teacher. Prior to attending law school, Ryan earned a master’s degree in education and taught at an under-resourced Catholic middle school. He is known for his ability to communicate clearly and to coordinate large teams working on complex matters. Ryan is co-editor of Cozen O'Connor's Health Law Informer blog and authored the HIPAA and Medical Privacy chapter in a highly regarded PLI Treatise.

Outside of his health law practice, Ryan has been repeatedly recognized for his public service and pro bono work. He has successfully handled numerous education-related cases, helped establish three nonprofit organizations and defended qualified recipients of disability benefits. In 2007, he was awarded the New Jersey Bar Association and Legal Services of New Jersey Equal Justice Award for his work representing low-income clients of Legal Services.

Ryan earned his B.A. and M.Ed. from the University of Notre Dame and his J.D. from Notre Dame Law School. He is active in the Notre Dame Alumni Association and the John Carroll Society in Washington, D.C., as a member of the planning committee of the annual Red Mass.



Quest, Labcorp Breach Highlights Limits of HIPAA's Vendor Oversight

June 13, 2019

Ryan Blaney discussed with Legal Tech News Quest and Labcorp's recent data breach and where the responsibility falls.

Ryan Blaney Quoted in on the Artificial Intelligence Executive Order

February 13, 2019

Ryan Blaney is quoted in discussing the artificial intelligence executive order and why it shouldn't be viewed as something directed towards private industries such as law firms, however it should spark conversation.

Xcaliber International Receives 15 Additional Orders from the FDA with Cozen O'Connor’s Guidance

September 11, 2018

Cozen O'Connor guided Xcaliber International, Ltd., L.L.C. (Xcaliber) as the organization received 15 additional orders from the U.S. Food and Drug Administration.

ONC Discusses Health Data Risk from Entities Not Covered by HIPAA

July 27, 2016

Ryan Blaney discusses a new report from the Office of the National Coordinator for Health Information Technology that examines privacy and cybersecurity risks.

Greg Fliszar & Ryan Blaney Discuss HIPAA on

December 19, 2015

Greg Fliszar and Ryan Blaney, members of Cozen O’Connor’s Health Law practice, discuss best practices for the Health Insurance Portability and Accountability Act (HIPAA) on

Ryan Blaney Quoted in Data Guidance on HIPAA Audits

May 21, 2015

Ryan Blaney, a member in the firm's Health Law Practice Group, is quoted in Data Guidance on the second round of HIPAA audits conducted by the OCR, and how it will pose a 'rude awakening' for business associates.

Eleven Cozen O'Connor Attorneys Recognized as Washington, D.C., Super Lawyers and Rising Stars

April 27, 2015

Washington, D.C., April 27, 2015 – The 2015 Washington, D.C., edition of Super Lawyers Magazine, published by Thomson Reuters, has named 11 Cozen O’Connor attorneys to its annual list of Super Lawyers and Rising Stars.

Jefferson Health System Legal Counsel, Raphaely, Joins Cozen O’Connor as Co-Chair of Health Care Practice Group

July 09, 2014

Cozen O’Connor continues to strengthen its focus on health care with the recent hiring of R. Christopher Raphaely, who will serve as co-chair of the firm’s Health Care Practice Group. Previously deputy general counsel for the Jefferson Health System, and general counsel to the system’s accountable care organization and captive professional liability insurance companies, Raphaely will be resident in the Philadelphia office.

Ryan Blaney Quoted in Compliance Week Regarding HIPAA Fines

June 17, 2014

Ryan Blaney, of the Health Care Practice Group, was recently quoted in a Compliance Week article titled, "HHS Coming Down Harder on Healthcare Privacy Violations." The article examines how the Department of Health and Human Services is issuing stern warnings to healthcare providers to take patient privacy issues more seriously. If they do not, they will suffer more severe fines and penalties. Ryan offered his remarks on the largest HIPAA fine to ever be given by stating, "Although the penalty was the largest HIPAA fine to ever be levied in a single case, the violation that led to it wasn't all that unusual."

Cozen O’Connor Expands Health Care and Aviation Practices with Hiring of Blaney and Heffernan

May 07, 2014

Cozen O’Connor has continued to grow its Washington, D.C., office with the recent additions of health care attorney Ryan Blaney and aviation attorney David Heffernan, both of whom join the firm as members.

Nine Cozen O’Connor Attorneys Recognized as Washington, D.C., Super Lawyers and Rising Stars

May 01, 2014

Washington, D.C., May 1, 2014 – The 2014 Washington, D.C., edition of Super Lawyers Magazine, published by Thomson Reuters, has named nine Cozen O’Connor attorneys to its list of Super Lawyers and Rising Stars.


Here is Your Opportunity to Tell HHS How to Improve HIPAA

December 12, 2018

Ryan P. Blaney and Alexandra Campau discuss the 32-page RFI released by the U.S. Department of Health and Human Services Office for Civil Rights.

FDA Issues Final Guidance on “Labeling for Biosimilar Products” [Alert]

October 18, 2018

The guidance emphasizes biosimilarity while recognizing key differences between biosimilar and reference products.

Don't Misrepresent Your U.S. - E.U. Privacy Shield Status: FTC Brings An Enforcement Action [Health Law Informer Blog]

July 06, 2018

As US companies continue to spend time and effort complying and responding to all of the new privacy laws and regulations both in the United States and aboard (i.e. GDPR and California Consumer Privacy Act of 2018) companies cannot forget the basics.  If you represent something in your Privacy...

“Full Employment for CISOs in New York”: New York Proposes the Nation’s First Cybersecurity Regulation [Cyber Law Monitor Blog]

September 22, 2016

If you’re a CISO living in New York get ready for the phone calls!!! On September 13, 2016, Governor Andrew M. Cuomo proposed the nation’s first cybersecurity regulation. Starting on September 28, 2016 there is a limited 45 day window of opportunity for financial institutions and interested parties...

An Introduction to Health Law Litigation Based on Contract and Government Claims [ABA]

August 01, 2016

Ryan Blaney authored a chapter in An Introduction to Health Law Litigation Based on Contract and Government Claims.

Representing Hospitals and Health Systems Handbook [AHLA]

August 01, 2016

Mark Gallant and Ryan Blaney discuss key issues for hospital and health care professionals in the AHLA Representing Hospitals and Health Systems Handbook.

Data Security Plays a Key Role in the Adoption and Success of Precision Medicine [Health Law Informer Blog]

June 16, 2016

The White House recently released a guidance document for those in the precision medicine community to help ensure that participants’ data and resources remain secure.  The document, titled “Precision Medicine Initiative: Data Security Policy Principles and Framework,” is meant to offer “security...

The E-Cigarettes Industry Fights Back Challenging the FDA in Federal Court [Health Law Informer Blog]

May 16, 2016

Days after the publication of the Food and Drug Administration’s controversial final rule regarding e-cigarettes (and other nicotine-delivering products), a company called Nicopure Labs LLC filed a lawsuit challenging it in the U.S. District Court for the District of Columbia.  Nicopure seeks to...

Heads-up! HIPAA Phase Two Audits Begin - Business Associates Included! [Health Law Informer Blog]

March 22, 2016

The Department of Health and Human Services (HHS) Office of Civil Rights (OCR) finally announced on March 21 that it is ready to begin Phase Two of its HIPAA audit program, which will include business associates. These audits, mandated by HITECH, will primarily be comprised of desk audits, scheduled...

Finally! CMS Publishes the 60-Day Rule for Reporting and Repaying Medicare Overpayments [Health Law Informer Blog]

February 12, 2016

After four years and 200 comments, CMS finalized the much‑awaited “60‑Day Rule” for reporting and repaying Medicare Part A and B overpayments (CMS issued a Final Rule related to Medicare part C and D overpayments in the May 23, 2014 Federal Register, 79 FR 29844, and will address Medicaid...

Overcoming the Obstacles in TCPA on Patient Engagement [Data Protection Law & Policy]

November 03, 2015

Ryan P. Blaney discusses consent requirements when the TCPA and HIPAA intersect.

The Need to Take Cyber Threats Seriously in the World of Sports [World Sports Law Report]

November 01, 2015

Ryan Blaney and Jason Bonk review the need for proper cybersecurity measures, discuss an ongoing probe of two MLB franchises regarding a possible inter-team hacking scandal, and put forward a valuable list of items that every actor in the sports world should consider in order to mitigate the risk of privacy/cyber breaches.

The “Other” Safe Harbor: OIG Warns Healthcare Providers and Vendors Against Information Blocking and Federal Anti-Kickback Violations [Health Law Informer Blog]

October 15, 2015

For those of us who work in the privacy and security space this past week has been a whirlwind with focus on the ramifications of the European Court of Justice (ECJ) decision invalidating the EU-U.S. Safe Harbor Agreement.  Much has been written on the EU-U.S. Safe Harbor Agreement and much more...

Largest Criminal Health Care Fraud Takedown - 243 Charged and $712 Million in False Billings [Health Law Informer Blog]

June 18, 2015

On June 18, 2015, HHS Secretary Sylvia M. Burwell and DOJ Attorney General Loretta E. Lynch announced nationwide arrests in Medicare fraud schemes amounting to approximately $712 million in false billings.  Attorney General Lynch described the strike as "the largest criminal health care fraud...

Not Much New ... But a Good Reminder for Medical Director Relationships [Health Law Informer Blog]

June 15, 2015

After a significant number of settlement agreements between the U.S. Department of Health and Human Services Office of Inspector General (OIG), OIG decided to release a Fraud Alert reminding physicians, practices and hospitals about the significant compliance risks with medical director agreements....

Another Health Plan Hit By Massive CyberAttack and Class Actions Follow [Cyber Law Monitor Blog]

April 03, 2015

Coming fresh off the heels of the Anthem data breach Premera Blue Cross announced on March 17th that it was the victim of a “sophisticated” cyberattack that may have exposed the personal information of approximately 11 million of its members.  Premera has approximately 6 million members residing in...

“It’s Not Easy to Unscramble the Eggs” … Despite the FTC’s Win at the U.S. Supreme Court, the Phoebe Putney Hospital Merger Remains Intact [Health Law Informer Blog]

April 03, 2015

Nearly four years after the Federal Trade Commission (“FTC”) first challenged the combination of the only two hospitals in Albany, Georgia, the FTC, Phoebe Putney Health Systems, Inc. (“Phoebe Putney”), Hospital Authority of Albany – Dougherty County (“Hospital Authority”) and HCA, Inc. (“HCA”)...

Another Health Plan Hit By Massive CyberAttack and Class Actions Follow [Health Law Informer Blog]

March 30, 2015

Coming fresh off the heels of the Anthem data breach Premera Blue Cross announced on March 17th that it was the victim of a “sophisticated” cyberattack that may have exposed the personal information of approximately 11 million of its members.  Premera has approximately 6 million members residing in...

On the Horizon ... A Possible "Permanent" Cure to Medicare's "Doc Fix" [Health Law Informer Blog]

March 27, 2015

In a historic bipartisan moment, the U.S. House of Representatives passed a nearly 300-page bill that is intended to “repeal the Medicare sustainable growth rate [“SGR”] and strengthen Medicare access by improving physician payments and making other improvements.” The legislation, titled the...

Going Paperless: FDA Releases Draft Guidelines to Digitize Clinical Trials [Health Law Informer Blog]

March 12, 2015

The FDA released draft guidelines (“Guidelines”) on Monday, March 9, 2015 establishing recommendations on the use of e-media and processes to obtain informed consent for clinical investigations (trials) of medical products including human drug and biological products, medical devices and...

Recent Developments [ABA Health Care & Pharmaceuticals Committee]

February 28, 2015

Ryan Blaney, a member in the firm's health care practice, contributes to the ABA Health Care & Pharmaceuticals Committee's Recent Developments, which contains summaries of recent federal and state court cases, government enforcement actions, and other “recent developments” involving antitrust and privacy issues in the health care and pharmaceutical industries.

ProMedica and the AHA Seek Guidance from SCOTUS on Hospital Consolidations and Mergers [Health Law Informer Blog]

February 05, 2015

The New Year started out with a bang in the healthcare antitrust circles with ProMedica Health Systems Inc.’s (“ProMedica”) well-publicized petition to the US Supreme Court and the American Hospital Association’s (AHA) amicus brief in support of ProMedica.  ProMedica hopes that the Supreme Court...

Decision Alert: US Supreme Court Potentially Shifts the Balance in Healthcare Employee Benefits Litigation [Health Law Informer Blog]

January 26, 2015

Justice Clarence Thomas and a unanimous US Supreme Court decided to vacate a Sixth Circuit decision and hold that the federal courts cannot assume from silence in a union's collective bargain agreement that retiree group health insurance benefits continue indefinitely.  The Supreme Court found that...

Time to Get Rid of Those Post-it Notes with All Your Passwords!!! [Health Law Informer Blog]

January 22, 2015

This month, Governor Chris Christie signed into law a New Jersey bill requiring health insurance carriers (e.g., insurance companies, health service corporations, hospital service corporations, medical service corporations, HMOs that issue health benefits plans in New Jersey) to encrypt or...

Summary of OIG'S 2015 Work Plan [ALHA]

December 31, 2014

Ryan Blaney, a member in the firm's Washington, D.C. office contributes to the OIG's summary of new and ongoing reviews and activities that OIG plans to pursue with respect to HHS programs during the current Fiscal Year and beyond.

Recent Developments - October 2014 [ABA Health Care and Pharmaceuticals Committee]

October 22, 2014

Ryan Blaney, a member of Cozen O’Connor’s Health Law practice group, was a contributor in the October edition of the ABA Health Care and Pharmaceuticals Committee Recent Developments. Recent Developments contains summaries of recent federal and state court cases, government enforcement actions, and other ‘’recent developments’’ involving antitrust and privacy issues in the health care and pharmaceutical industries.

"LoProCo", 12,915 Complaints, and Other Lessons from OCR/NIST [Health Law Informer Blog]

September 26, 2014

12,915 complaints were reported in 2013 to the Department of Health and Human Services Office of Civil Rights (“OCR”) according to Illiana L. Peters, Senior Adviser for HIPAA Compliance and Enforcement.  Cozen O’Connor attended Ms. Peters’ presentation at the Safeguarding Health...

CMS and ACOs: A Busy Summer and a Busier Fall [Health Law Informer Blog]

August 05, 2014

It has been a busy summer so far for the Centers for Medicare & Medicaid Services (CMS) with respect to Accountable Care Organizations (ACOs), as the agency has proposed altering the quality reporting measures under the Medicare Shared Savings Program (“MSSP”) for 2015 and beyond....

Recent OCR Reports Illustrate Past and Future Compliance and Enforcement Efforts [Health Law Informer Blog]

July 29, 2014

Daily news stories about data breaches and enforcement actions seem to be the new norm, so it’s no surprise that people may start to believe that hackers have won the war and that no personal health information is safe. But exactly how many breaches have been reported in the last several years? And...

Events & Seminars

Upcoming Events

Reviewing the FDA's Perspective on the Ever-Expanding Role of Digital Health

September 19, 2019 - Boston, MA

Ryan Blaney will present at the American Conference Institute's 34th Annual FDA Boot Camp reviewing the FDA's perspective on the ever-expanding role of digital health

Past Events

Health Law 2019

December 05, 2018 - Philadelphia, PA

Drugs and Biologics: Labeling

September 27, 2018 - Boston, MA

ACI FDA Boot Camp

March 08, 2018 - New York, NY

Healthcare Technology and Privacy in an Evolving Era

January 18, 2018 - Washington D.C.

2017 Health Law Year In Review

December 06, 2017 - Philadelphia, PA

7th Annual Health Law Year in Review

December 07, 2016 - Philadelphia, PA

4A Healthcare Data Security & Privacy Symposium

October 04, 2016 - Philadelphia, PA

ACI’s Data Breach & Privacy Litigation Conference

September 29, 2016 - New York, NY

ACI’s 28th Annual FDA Boot Camp

September 21, 2016 - Boston, MA

Health Law Update

July 21, 2016 - Webinar/Philadelphia, PA

The 2016 Revitas Life Sciences Summit

April 20, 2016 - Baltimore, MD

PBI 22nd Annual Health Law Institute

March 15, 2016 - Philadelphia, PA

FDA Boot Camp 2016

March 09, 2016 - New York, NY

2015 Health Law Year in Review

December 08, 2015 - Philadelphia, PA

IAPP Data Protection Intensive

April 15, 2015 - London

Health Law Year In Review

December 03, 2014 - Philadelphia, PA

2014 Revitas Industry Summit: Life Sciences

October 21, 2014 - Philadelphia, PA


  • Notre Dame Law School, J.D., 2004
  • University of Notre Dame, M. Ed., 2001
  • University of Notre Dame, B.A., 1999
  • New Jersey
  • District of Columbia
  • New York
  • Pennsylvania
  • U.S. Supreme Court
  • U.S. Court of Appeals for the District of Columbia Circuit
  • U.S. Court of Appeals for the Third Circuit
  • U.S. District Court -- District of Columbia
  • U.S. District Court -- New Jersey
  • U.S. District Court -- Eastern District of Pennsylvania

Co-Chair, D.C. Chapter, International Association of Privacy Professionals (IAPP)