Kristi Kung

Digital Health

Kristi has an active digital health practice advising healthcare startups on the appropriate business structuring and strategy to navigate complex and multijurisdictional regulatory challenges. Her background in privacy and security, licensing, reimbursement, fraud and abuse, and corporate practice of medicine provide her with the unique skillset to effectively guide her clients through the various legal and business obstacles confronting companies looking to develop and implement telehealth, mobile health, artificial intelligence, virtual and augmented reality, and other innovative health technologies.

She has assisted clients in the development of regional, national, and international telehealth and mobile health programs and has advised health systems and life sciences manufacturers on digital health strategy and implementation. She has also advised private equity sponsors with respect to digital health ventures and health IT acquisitions.

Healthcare Compliance, Investigations and Regulatory Counseling

Kristi has developed comprehensive compliance programs for a variety of healthcare providers and suppliers, including hospitals, physician practices, laboratories, DMEPOS suppliers, IDTFs, medical device manufacturers and specialty pharmacies. She also advises on day-to-day healthcare regulatory and compliance matters confronting providers and suppliers in the healthcare industry. Kristi has developed and provided specialized training to her client's workforces and sales teams concerning fraud and abuse, privacy and security, and other client risk areas. In addition, she has served as an independent compliance reviewer for entities under Corporate Integrity Agreements.

She advises clients on fraud and abuse matters including Stark and Anti-Kickback as well as state law equivalents, HIPAA, reimbursement and billing, licensing and corporate practice of medicine issues. She assists clients with respect to internal investigations and self-disclosure and refund obligations and has further represented clients under investigation by various federal and state agencies, including the Centers for Medicare and Medicaid Services, the Office of Inspector General for the US Health and Human Services, the Health and Human Service Office for Civil Rights, the Health Resources and Services Administration, the Virginia Department of Health, the North Carolina Department of Health, various Virginia professional licensing boards and the Washington, DC Board of Medicine. 

Kristi represents healthcare industry clients and stakeholders with respect to privacy and security matters, including the development of HIPAA compliance programs, website privacy policies and terms of use, breach investigation and reporting, government investigations and healthcare privacy and security matters arising during the due diligence process. She has also defended providers in investigations by the Health and Human Service Office for Civil Rights. She advises clients on compliance issues related to big data, health information technology, business associate agreements, data use agreements, and the use of de-identified data. 

Healthcare Transactions

Kristi advises private equity sponsors in their healthcare acquisitions and divestitures, and the on-going representation of their healthcare portfolio companies, regarding healthcare regulatory issues identified in due diligence, including fraud and abuse matters (Stark, AKS, FCA), HIPAA, licensure matters, and Medicare and Medicaid billing issues.

Her experience spans a wide range of specialty areas including health IT, specialty pharmacy, laboratory, hospitals, hospice, home health, ASCs, IDTFs, physician practice groups and specialty practices such as cardiology, dermatology, orthopaedics, physical therapy, ophthalmology, oncology, urology, radiology, and dentistry.

Chambers USA

• Band 3, District of Columbia Healthcare, (2025)
• Band 4, District of Columbia Healthcare, (2022 – 2024)

Legal 500 United States

• Recommended, Healthcare: Service Providers, (2020 – 2025)

Other Recognitions

• Rising Stars Winner, The National Law Journal, (2022)
• Named, Washington, DC: Rising Star, Super Lawyers, (2016 – 2022)
• Named Virginia: Rising Star, Super Lawyers, (2010)

• "Centers for Medicare & Medicaid Services Issues First HCPCS Code and Medicare DME Benefit Category Determination for Therapeutic Virtual Reality Device," The Journal of Federal Agency Action, July 2023
• "How Will Telehealth Change After the Pandemic?" HealthTech, June 5, 2020
• "New York Settles EmblemHealth Breach for $575,000," Eye on Privacy Blog, March 2018
• "HHS-OCR Closes 2017 with Six Figure Settlement in PHI Data Breach," Eye on Privacy Blog, January 2018
• "Life in the Slow Lane? What Net Neutrality Repeal May Mean for Telehealth Services," The National Law Review, January 2018
• "Telehealth in 2017: What's Changed and What's Ahead," Law360, December 2018
• "Texas Telemedicine Saga Finally Over?" SMRH Health Law Blog, November 2017
• "New York AG Takes Enforcement Action Against Heart Monitoring Apps: Murmurs of Concern are Heard in mHealth App World," SMRH Health Law Blog, April 2017
• "Is a Truce in the Battle over Telemedicine in Texas Upon Us?" SMRH Health Law Blog, February 2017
• "Recent Relaxation of State-Level Challenges to the Expansion of Telemedicine but Barriers Remain," SMRH Health Law Blog, July 2016
• "CMS Proposes to Limit Site Neutral Payment Exceptions Applicable to Certain Off-Campus Hospital Departments Following Relocation, Service Expansion, or Certain Ownership Changes," SMRH Health Law Blog, July 2016
• "Disclosing 340B Program Non-Compliance and Negotiating Manufacturer Refunds – An Overview and Case Study, American Health Lawyers Association," In-House Counsel Meeting, June 2016
• "Assessing the Legal Risk of Unregulated Yoga Therapy," Law360, January 5, 2016
• "Health Care Fraud and Abuse Update," Health Law Handbook, (2014-2016)
• "340B Omnibus Guidance Would Significantly Narrow the Pool of Eligible Patients," Law360, September 3, 2015
• "FDA Draft Guidance Would Ease Regulatory Burdens for Certain mHealth Applications," Law360, August 1, 2014
• "OIG Releases Special Bulletin on the Effect of Exclusion from Federal Health Care Programs," E-Alert, AHLA Accreditation, Certification and Enrollment, Affinity Group, May 8, 2013
• "Impact of the American Taxpayer Relief Act of 2012 on Reimbursement for Health Care Services," E-Alert, AHLA Regulation, Accreditation and Payment Practice Group, January 4, 2013
• "Telemedicine Legal Hurdles - An Overview of Lesser Known Challenges," Healthcare IT News – A Publication of the American Health Lawyers Association, November 2012
• "Qui Tam Counsel Sanctioned for Breaching Ethical Rules Relating to Review of Privileged Material – E-Alert on the Frazier v. IASIS case," AHLA Healthcare Liability & Litigation Practice Group, February 2012
• "CMS Issues Final Rule Updating Payment Policies Under ESRD PPS for CY 2012," E-Alert, AHLA Regulation, Accreditation and Payment Practice Group, November 7, 2011
• "Legal Practice in a HITECH Environment: An Overview of the HITECH Act and its Impact on Lawyers as Business Associates," Defensively Speaking, International Society of Primerus Law Firms, February 12, 2010
• "Annual Survey of Virginia Law: Health Care Law," University of Richmond Law Review, (2009)

• Panelist, "Workshop: Telehealth Claims and Denials Management – Medicare, Medicaid, and Private Payors," CTeL Telehealth Spring Summit, June 13, 2019
• Panelist, Sensus Healthcare, American Academy of Dermatology Annual Meeting Dinner, March 1, 2019
• Faculty, "Digital Health Regulation," TMCx Accelerator, Texas Medical Center, February 25, 2019
• Presenter, "Mitigating Legal Risks in Digital Health Adoption," November 13, 2018
• "What the Net Neutrality Repeal May Mean for Telehealth," CTeL Executive Telehealth Spring Summit, June 14, 2018
• "Healthcare Disruptions," American University Washington College of Law, Summer Health Law Institute Lunch and Learn Panel, June 6, 2018
• "Data Breach Simulation," Association of Corporate Counsel – San Diego Chapter, April 25, 2018
• "Hot Topics in Healthcare Compliance and Regulation," University of Minnesota, Master of Business Administration – Healthcare Executive Track, March 2017
• Health Law Panel: "Where We Are and Where We Are Going," District of Columbia Bar Association, Health Law Section, March 2017
• "Hacking Health: Addressing mHealth Privacy and Security Risks," Lorman Webinar, September 2016
• "Specialty Pharmacy and the 340B Program," Legal Day, National Association of Specialty Pharmacy, September 2016
• "Avoiding Fraud and Abuse Pitfalls Under Expanded Reimbursement for Telehealth Services," mHealth and Telehealth World Congress, July 2016
• Co-presenter, "HIPAA Compliance and the Use of De-Identified Data," June 25, 2016
• "Fraud and Abuse Issues in Telehealth," American Health Lawyers Association, Fraud and Compliance Forum, September 2015
• "Exploring the Current State of mHealth Privacy and Security," mHealth and Telehealth World Congress, July 2015
• "mHealth and Telehealth – Privacy and Security Issues," American University Washington College of Law, April 2015
• "Privacy and Security Issues," mHealth Applications Legal Issues Breakfast Series, Tysons Corner, March 2015
• Federal and Virginia laws relating to pharmacy and prescribing; the Virginia State Board of Pharmacy structure, investigation and hearing procedures; risk management and documentation for preventing litigation, Medical College of Virginia, Pharmacy Residency Program, March 2009, April 2010, March 2011
• "Electronic Health Records in Litigation," Martha Jefferson Hospital, September 2010
• "Moving Beyond HIPAA: Future Trends in Litigation in This New Electronic Age," American Bar Association National Teleconference, January 2010
• "Patients and Practitioners Beware: Mandatory Electronic (Medical) Records and What You Need to Know," American Bar Association, Young Lawyers Division Fall Conference, October 2009
• Moderator and Speaker, The American Recovery and Reinvestment Act, HITECH provisions, Electronic Medical Records and Health Information Exchanges, and the E-Discovery of Electronic Medical Records in Litigation, Lorman Education Services, July 2009
• Health Information Portability and Accountability Act (HIPAA) and Virginia Medical Records Law, Lorman Education Services, October 2008