skip to main content
Partner - William J. Roberts

William J. Roberts


Download vCard

William Roberts is a partner in the firm’s Health Law Practice Group and is the Chair of the firm’s Privacy and Data Protection team.  Bill focuses his practice on health care corporate, regulatory and data privacy matters.  He represents health care providers, health insurers, medical device and pharmaceutical companies, health information technology firms and a variety of other public and private sector clients.

In the area of health law, Bill advises clients on compliance with fraud and abuse laws, the Stark law, reimbursement, EMTALA, licensure and the False Claims Act. He represents clients in connection with various contractual matters, including affiliations, supply chain, employment, professional services and other arrangements. In addition, he assists clients in the development and implementation of health information technology, including telemedicine, electronic medical records, data sharing arrangements, patient portals, e-consults and other emerging technologies.

Bill’s work in data privacy includes serving as outside privacy counsel to health care providers, technology firms and several Fortune 100 health insurers.  In this capacity, he drafts and updates privacy notices, policies and procedures; drafts and negotiates business associate agreements; handles complaints; responds to governmental inquiries; provides staff training; and assists in-house counsel with privacy compliance questions and program development.

In addition to advising clients in more than 100 data breach matters, Bill regularly assists with establishing compliance programs for early detection of privacy concerns and guides clients in conducting investigations and providing notifications when a breach has occurred; he also provides representation before federal and state agencies during breach investigations, including the Department of Health & Human Services (HHS), the Office for Civil Rights (OCR), the Federal Trade Commission (FTC) and state attorneys general. Bill counsels clients regarding compliance with HIPAA/HITECH, the Gramm-Leach-Bliley Act (GLB), the Payment Card Industry Data Security Standards (PCI DSS), the Fair Credit Reporting Act (FCRA), Telephone Consumer Protection Act (TCPA), the Children’s Online Privacy Protection Act (COPPA), and the Federal Trade Commission Act (FTCA).  He also chairs the firm’s Information Privacy and Security Committee.

For issues related to health information technology, Bill serves as outside counsel to EMR providers, mobile app developers and other software and technology firms that provide services to the health care sector. He also advises clients on website/mobile app privacy policies and terms and conditions, contracting matters, data privacy, regulatory compliance and the launching of new products and services. 

Bill has extensive experience in the life sciences industry, where he assists clients with the establishment of clinical research programs, the drafting of research agreements and informed consent forms, working with IRBs and compliance with HIPAA, Common Rule and other regulatory requirements. He also counsels them on compliance program development, compliance audits, clinical trials, the Sunshine Act, and compliance with PhRMA’s Code on Interactions with Health Care Professionals, Advamed’s Code of Ethics on Interactions with Health Care Professionals and other industry guidelines. 

Bill is a frequent speaker and author on health care privacy issues, both nationally and internationally. He is also regularly called upon by the media to comment on health care legal matters.


  • Listed as a Connecticut Super Lawyer Rising Star®: Health Care (2011-2016)
  • New Leader in the Law, Connecticut Law Tribune (2013)

Professional Affiliations

  • American Bar Association: Business Law Section, Envoy; Content Director, Health Law Committee; Member, Health Care and Life Sciences Committee; Member, Cyberspace Committee
  • American Bar Association: Health Law Section, Breach Notification Working Group
  • American Health Lawyers Association: Mentor
  • Connecticut Bar Association: Health Law Section
  • Connecticut Hospital Association
  • Connecticut United for Research Excellence, Inc. (CURE): Member
  • Health Care Compliance Association

Establishment of Corporate Compliance Program for National Biotech Firm

Counseled national biotech firm on the establishment and implementation of a corporate compliance program. Establishment of the program involved the drafting of program documents and policies, developing training materials for staff and reforming internal procedures and processes. Program addressed, among other topics, contracting guidelines, fraud and abuse, and compliance auditing and monitoring.

Establishment of On-Call Teleradiology Program

Represented large acute care hospital in the establishment of an on-call teleradiology program. The matter involved the negotiation of vendor contracts, development of credentialing and privileging procedures and advising on billing and reimbursement issues.


February 15, 2017  SAMHSA Modernizes Regulations Governing the Confidentiality of Substance Use Disorder Records
October 11, 2016  Providing Transgender-Inclusive Health Care
October 3, 2016  Family Policy Compliance Office Issues FERPA Privacy Guidelines
October 27, 2016  October 17th Compliance Deadline for HHS Nondiscrimination Notifications Approaches
June 20, 2016  Governor Signs Student Data Privacy Law
May 24, 2016  Connecticut Legislature Passes Non-Compete Act Concerning Contracts With Physicians
April 2016  Communicating Protected Health Information Via Text Messaging
January 27, 2016  If You Provide Behavioral Health Services, Do the New HIPAA Reporting Rules Apply to You?
January 21, 2016  APCDs: One Solution to Obtaining Meaningful Performance Data
December 9, 2015  Stark Law Update
August 4, 2015  Doing Business With the State of Connecticut: A Guide to Data Privacy and Security Requirements
June 22, 2015  Conn. Seeks To Tighten Data Privacy Requirements
May 11, 2015  Achieving Diversity in Pharmaceutical Clinical Trials
February 9, 2015  Key Issues in Negotiating a Health Information Technology Agreement
January 2015  Going Live with a Patient Portal—Legal Risks and Operating Documents
December 12, 2014  Recent Data Breach Demonstrates the Importance of Attention to Software and IT Systems
November 14, 2014  Bill Roberts Quoted in CT Law Tribune Article, "Conn. Medical Records Ruling Could Have Widespread Impact"
November 11, 2014  Health and Human Services Addresses Ebola and Other Public Health Emergencies
October 2014  Reflecting America's Patient Population - The Need for Diversity in Clinical Trials
October 16, 2014  Proposed Revisions to Anti-Kickback Safe Harbors and Civil Monetary Penalty Provisions
September 2, 2014  CMS Proposes Short-Term Inpatient Admission Settlement Process for Hospitals
August 1, 2014  Connecticut Expands Transparency Reporting Obligations to APRNs
July 9, 2014  Connecticut Health Law 2014 Legislative Update
May 12, 2014  Health Law: HIPAA Breaches: Getting It Right
March 2014  Living with the Medical Device Excise Tax
February 3, 2014  CMS Delays the 2-Midnight Rule For At Least Another 2 Midnights
January 14, 2014  IRS Releases Further Guidance for Tax-Exempt Hospitals
January 3, 2014  A Primer on Bringing Traditional Chinese Medicine to the U.S. Market
December 4, 2013  DSS Releases Proposed FQHC Reimbursement Regulations
November 19, 2013  Court Rules that Hospital's Incentive Payments for its Oncologists Violated the Stark Law
November 8, 2013  CMS Delays Post-Payment Reviews for "Short-Stay" Inpatient Admissions
November 6, 2013  Medicare Conditions of Participation for Community Mental Health Centers
August 27, 2013  Recent Data Breach Demonstrates the Importance of Keeping Track of Your Sensitive Information
August 26, 2013  Recent OCR Enforcement Action Demonstrates the Importance of a Thorough Risk Analysis
August 8, 2013  Health Law 2013 Legislative Update
June 25, 2013  FDA Releases Draft Cybersecurity Guidance for Medical Devices
May 22, 2013  Lessons Learned From "U.S. ex rel., Drakeford v. Tuomey Healthcare System, Inc."
May 20, 2013  Shining The Light On Physician Payment Sunshine Act
May 16, 2013  Certificate of Need Regulations Finalized and Released
February 28, 2013  CMS Issues Physician Payments Sunshine Act Final Rule
February 12, 2013  HIPAA Final Rule
January 3, 2013  HHS Announces Mobile Device Security Initiative
November 2012  Connecticut's HIE: A Look at the Nutmeg State's Approach to Sharing Patient Information
October 23, 2012  DSS Releases Proposed Provider Audit Regulations
September 21, 2012  U.S. Department of Justice Announces $16.5 Million Settlement with HCA, Inc. for False Claims Act and Stark Law Claims
August 2, 2012  Breaches of Personal Information Must Now Be Reported to the Attorney General
June 28, 2012  Health Law Practice Group Discusses Supreme Court's Ruling on the Patient Protection and Affordable Care Act
June 26, 2012  Health Law 2012 Legislative Update
June 6, 2012  DSS Publishes Final Regulations on Reimbursement of Medical Foundations
May 17, 2012  CMS Releases Final Rule on PPACA Program Integrity Provisions
May 2, 2012  FDA and HHS Rules on Disclosure of Conflicts of Interest in Research

View All »


March 6, 2017  Cyber Security Program and Panelist Bill Roberts Emphasize Preventive Measures
January 23, 2017  Bill Roberts Quoted on Importance of Cybersecurity Risk Management Plans
January 10, 2017  Bill Roberts Weighs in on Increased Attempts to Steal W-2s
January 1, 2017  Firm Names New Partners: Michele Backus and William Roberts
December 20, 2016  Bill Roberts Quoted by Association of American Medical Colleges
October 26, 2016  Bill Roberts Suggests Quick Response to Student Data Breaches
October 18, 2016  CT Attorneys Recognized as 2016 Super Lawyers
September 13, 2016  Bill Roberts Published in New Handbook by American Health Lawyers Association
August 19, 2016  Bill Roberts Offers New Guidance on Health Care Data Privacy
July 20, 2016  Health Law Daily Recaps HCCA Vendor Privacy Webinar Presented by Bill Roberts
July 11, 2016  Bill Roberts Quoted in Part B News on Recent HIPAA Breach
June 10, 2016   Bill Roberts Featured in Q&A on Data Privacy, Information Security and Preventing Breaches
October 19, 2015  CT Attorneys Recognized as 2015 Super Lawyers
March 5, 2015  Bill Roberts Joins HIPAA Website as Commentator
November 14, 2014  Bill Roberts Comments on Medical Records Ruling
October 17, 2014  CT Attorneys Recognized as 2014 Super Lawyers
September 17, 2014  ABA Appoints Bill Roberts as Business Law Section Envoy
September 15, 2014  October Data Privacy Summit
November 4, 2013  Brown and Roberts Recognized as New Leaders in the Law
October 21, 2013  CT Attorneys Recognized as 2013 Super Lawyers
October 22, 2012  "Super Lawyers" Recognizes 51 Lawyers from Firm
May 11, 2012  Panel Explores Risks and Rewards of Social Media for Health Care Providers

View All »


April 21 2017  Sustaining the Transition to Value in a Time of Policy and Market Turmoil
March 26-29, 2017  Health Care Compliance Association's 21st Annual Compliance Institute
March 10, 2017  CLE Event: Labor and Employment Spring Seminar: 2017 Public Sector Legal Update
March 1, 2017  The Next Generation of Cyber Security: It's Not Just About Firewalls and Antivirus Software Anymore
February 23, 2017  Recent Privacy and Security Developments in Human Subjects Research
February 22, 2017  CLE Event: Webinar: Safeguarding Your Business: Preventing and Responding to Data Breach and Cyber-liability
November 30 - December 2, 2016  OCR Audits Phase 2 With Real Life Experience - How to Navigate?
November 10, 2016  CT Community Nonprofit Alliance, Inc. Behavioral Health CFO Forum
October 23-26, 2016  MAGI's Clinical Research Conference - 2016 West
October 20, 2016  CT Technology Council 2016 IT Summit
September 20, 2016  CT Community Nonprofit Alliance, Inc. Compliance Roundtable
July 19, 2016  Vendor Privacy: Due Diligence and Contracting Solutions
June 27, 2016  Briefing on Public Act 16-189: An Act Concerning Student Data Privacy
June 15, 2016  Webinar: Managing HIPAA Data Breaches
May 2, 2016  HR's New Challenge: Cyber Security
April 9, 2016  American Bar Association Business Law Section Spring Meeting
March 23, 2016   Webinar: Telemedicine & eConsults - Where We Are Today and Where We're Going
February 23, 2016  CT HFMA: 2016 Legal Playbook: Best Practices to Keep Your Healthcare Operations on the Winning Side
December 11, 2015  Update on Data Privacy and Human Resources Law
December 2, 2015  Webinar: Business Associates: How to Differentiate Your Organization Using HIPAA Compliance
November 18, 2015  CT Technology Council 2015 IT Summit
November 9, 2015  Capitol Region Education Council - Technology Conference
September 24, 2015  Webinar: How to Effectively Negotiate a Business Associate Agreement: What's Important/What's Not
September 24, 2015  Data Security and Privacy Risk Management in a New World of Big Data Collection and Sharing
September 18, 2015  American Bar Association Business Law Section Annual Meeting
July 14, 2015  Webinar: HIPAA Compliance and Non-Business Associate Vendors - Strategies and Best Practices
June 11, 2015  Feldman & Roberts to Speak about The Physician Payments Sunshine Act
March 13, 2015  Right to Privacy & HIPAA
February 19, 2015  Webinar: How to Effectively Negotiate a Business Associate Agreement: What's Important/What's Not
February 12, 2015  CHCACT: Corporate Compliance Workgroup
January 20, 2015  HCBA: Business Associate Compliance - Keeping Your Own House in Order
January 14, 2015  Stage 2 Meaningful Use Audit: What You Need to Know
November 5, 2014  CT HFMA: Annual Healthcare Leaders Legal Update
October 16, 2014  Raiders of the Data Ark - Data Privacy & Cybersecurity Summit
October 9, 2014  CCPA: Establishing an Effective Compliance Program
May 30, 2014   LERA: Is it HIPAA or is it not?
May 22, 2014  CT CHAND: College Health Symposium
March 24, 2014  Regulatory Landscape for Life Sciences and Medical Products & FDA Approval and Insurance Reimbursement
April 8, 2013  Family Opposition to First Person Consent
March 15, 2013  Complying With the New HIPAA Regulations - Part II
March 1, 2013  Complying With the New HIPAA Regulations - Part I
May 10, 2012  Catching the Social Media Bug: The Risks and Rewards of Social Media For Health Care Providers

View All »


Your e-mail and any information in your e-mail to this individual are not protected by the attorney client privilege. Therefore your e-mail should not contain any confidential information and should be for general information purposes only. The e-mail to this individual is not intended to create, and does not constitute, an attorney-client relationship.

© Shipman & Goodwin LLP, 2017. All Rights Reserved.