Stacey L. Gulick

Garfunkel Wild, P.C.

Stacey L. Gulick

Garfunkel Wild, P.C.



Stacey L. Gulick is Chair of the Garfunkel Wild’s HIPAA compliance Practice Group. With over 30 years of experience, her practice focuses on Federal and state regulatory, interoperability and technology related issues, including response to government inquiries, compliance initiatives and transactions. In particular, Ms. Gulick assists clients in implementation of cybersecurity and HIPAA compliance programs and investigations, information security breach response, medical staff hearings and bylaws, and healthcare diligence in large transactions such as mergers and acquisitions. Ms. Gulick also has extensive experience in the unique regulatory and business needs of hospitals, clinical laboratories, DSRIP performing provider systems, ambulatory surgery centers and federally qualified health care centers.

Representative Matters:

  • Primary counsel for one of the largest public health information exchanges in the United States, including successful negotiation of Participant Agreements for hundreds of participants.
  • Managed breach response, and successfully closed investigation by the Federal Department of Health and Human Services, Office of Civil Rights, for a large hospital system following a breach involving over 180,000 individuals.
  • Represented ambulatory surgery center against, and prevented, threatened loss of accreditation, New York licensure, and Medicare contract following a significant immediate jeopardy scenario.
  • Negotiated contracts to establish health information exchange among the majority of federally qualified health care centers in New Jersey.
  • Created and implemented Plan of Correction for federally qualified health care center, which prevented threatened closure of the Center.
  • Developed HIPAA compliance program and Business Associate Agreement templates that have been used by hundreds of health care providers.
  • Acted as health care counsel in numerous private equity transactions exceeding $20 million.
  • Provided counsel to physician practices and laboratories regarding management structure, physician office laboratories, Medicaid investigations and breach response.

Prior to joining the firm in 2001, Ms. Gulick worked in hospital administration as a Fraud and Abuse Compliance Officer and Risk Manager.
She received her B.A., Masters in Business Administration and Masters in Health Administration from the University of Pittsburgh and her J.D. from the St. John’s University School of Law.

Speeches and Events

  • “HIPAA Security Breaches and Enforcement (i.e., what it really costs to manage a HIPAA violation)” HFMA’s (Connecticut Chapter) 2016 Legal Playbook: Best Practices to Keep Your Healthcare Operations on the Winning Side Seminar, Wallingford, CT (February 23, 2016)
  • “Disruptive Behavior and Reporting Obligations” Rutgers, New Jersey Medical School and Center for Continuing and Outreach Education at Rutgers Biomedical and Health Sciences, North Bergen, NJ (November 4, 2015)
  • “Emerging Legal Issues in Electronic Medical Records: Access and Confidentiality,” Pace Law School CLE Program, White Plains, NY (November 6, 2014)
  • “Help Get Your Medical Practice Compliant with the Final 2013 HIPAA/HITECH Regulations,” Fairfield County Medical Association Seminar, Norwalk, CT, (September 12, 2013)
  • HITECH for Health Care Attorneys – 2012 Webcast, New York State Bar Association, Albany, NY (December 7, 2012)
  • HIPAA Privacy & Security – OCR Performance Audits of Hospitals, Metropolitan New York Chapter Healthcare Financial Management Association (HFMA) Fall Academy, Uniondale, NY (October 24, 2012)
  • Possibilities and Pitfalls in Exchanging Electronic Patient Data with Other Providers and Payors, NYAHSA (New York Association of Homes and Services for the Aging) Annual Conference and Exposition, Saratoga Springs, NY (June 21, 2011)
  • Healthcare Providers – Statutory and Regulatory Issues, New York State Bar Association, New York, NY (April 9, 2010)
  • OMIG & HIPAA: HITECH Seminar, Pharmacists Society of the State of New York, March 18, 2010 (Getzville, NY)
  • Health Care Reform: Now What?, New York State Bar Association’s 2010 Annual Meeting, Health Law Section, New York, NY (January 27, 2010)


  • Authored chapter entitled “HIPAA & HITECH Electronic Transaction, Security and Privacy Regulations” and co-authored chapters “Clinical Laboratories” and “The Physician-Patient Privilege: Protecting the Confidentiality of Communications Between Patients and Their Health Care Providers” in the Legal Manual for New York Physicians (Sixth Edition)
  • “Be Prepared: Enforcement of the New HIPAA Rules” Journal of the American College of Radiology (Vol. 10, Issue 10, pgs. 733-735) September 2013
  • To Text or Not To Text?, Journal of the American College of Radiology, June 2012
  • Preparing for Electronic Communication in Health Care, Garden State Focus, (Co-authored with Andrew Blustein) Vol 58, Num 3, November/December 2011
  • Social Media: A Brave New World for Doctors, Journal of the American College of Radiology, May 1, 2011
  • Practical Implications of HITECH, New Jersey Law Journal (September 13, 2010), Volume 201, Number 11