Search form

Frank J. Fanshawe


P 518-512-8700 F 518-242-7730


Frank J. Fanshawe


Frank J. Fanshawe is a principal in the Albany, New York, office of Jackson Lewis P.C. Frank focuses his practice on health care law and Privacy, Data and Cybersecurity. He has 25 years of experience, including significant real-world legal and executive-level experience with a nationally recognized health insurer in the northeastern United States.

Frank previously served as a senior adviser to the New York State Senate Health Committee chair on legislative and public policy issues in connection with New York's deregulation of the hospital payment methodology system (Health Care Reform Act) and other major health care initiatives. He also practiced law with other national law firms, where he represented hospitals, medical groups, independent practice associations, physician organizations, home health agencies and other health care providers.

Privacy & Data Security

Frank regularly counsels clients on a wide range of cybersecurity and data privacy scenarios, including those involving HIPAA/HITECH compliance. He has worked with the executive teams of his clients in the data privacy and cybersecurity context to assess their environments, identify strengths and deficiencies, and develop and implement compliant resolutions under federal and state laws. Frank also has successfully resolved numerous data breach situations, where he has counseled and advised clients on their HIPAA/HITECH and other breach response obligations. In these situations, he works with his clients to preserve information; identify the nature and scope of the breach; assess compliance obligations; develop notification communications; report to regulatory authorities, when required; and counsel clients on messaging, logistical support systems and other measures to help ensure minimal impact to affected individuals and the clients’ image. He also has successfully resolved numerous data breach investigations by the United States Department of Health and Human Services and state regulators.

Corporate Governance and Compliance

Frank’s in-house experience as a chief compliance officer in the health insurance industry provides him with a distinctive business and operational perspective that leads to sound governance and compliance results that work in real business settings. He counsels boards of directors on governance issues and fiduciary duties. Frank also works with clients to develop and implement corporate compliance plans, including drafting policies and procedures, directing workforce training, and auditing and monitoring programs.

Health Care Law Counsel

Frank has served as a trusted adviser to practitioners, boards of directors, CEOs and other C-suite executives to help clients thrive in the complex health care delivery and reform environment. He works with them to develop and improve their regulatory operations in ways that align with their business objectives. Frank counsels clients to successfully navigate the intricacies of fraud and abuse laws and regulations, helps them develop strategies to operate within the complexities of the HIPAA and HITECH regulatory framework, and works with them to obtain state licensure and certification.

Commercial Contracts and Joint Ventures

Frank negotiates major contractual arrangements and joint ventures among providers and between providers and managed care entities, including integrated delivery systems and accountable care organizations. He also assists clients with the regulatory and transactional aspects of joint ventures, mergers and acquisitions, and other strategic arrangements.

Professional Associations and Activities

  • American Health Lawyers Association
  • New York State Bar Association

Published Works

  • “Why Are You Being Sued?” The Journal of Urgent Care Medicine (June 2017) [Co-Author]
  • “Phase 2 HIPAA Audits Are Under Way: Are You Prepared?” Phase 2 HIPAA Audits Under Way (March 2016) [Co-Author] 
  • “Privacy and Security: Highlights from the HHS Inspector General’s 2016 Work Plan,” HHS Inspector General’s Work Plan for FY 2016 (November 2015) [Co-Author]
  • “Cloud Storage of Medical Records: HIPAA, HITECH and Other Compliance Issues,” The Risk Management Quarterly (October 2015) [Co-Author]
  • “HHS: No Sensational News Exception to HIPAA. Health Care Providers Should Plan Now for Dealing with Ebola Publicity,” Ebola: The Myth of the Sensational News Exception (November 2014) [Author]
  • “2014: The Affordable Care Act Is Alive and Well – Are You Ready?” Compliance with the Affordable Care Act, 2014–2015 (February 2014) [Author]
  • “As the “NY State of Health” Enters Its Third Week, a Look at the Role of Navigators,” Navigators in the “NY State of Health” Marketplace (October 2013) [Author]
  • “ACA Not Enough to Save Penn State’s Employee Wellness Program,” Penn State Employee Wellness Program Falls Short (October 2013) [Author]
  • “Evaluating Employer Insurance Coverages to Defend against Claimed Violations of the Affordable Care Act,” Defending against Claimed Violations of the ACA (October 2013) [Author]
  • “HHS Issues Privacy Rule Guidance for Law Enforcement Agencies,” “HIPAA Privacy Rule: A Guide for Law Enforcement” Released (October 2013) [Author]
  • “Administration Delays Launch of Federally Facilitated Small Business Health Insurance Exchanges,” 35 Small Business Health Insurance Exchanges Delayed (September 2013) [Author]
  • “OCR and ONC Release Model Notices of Privacy Practices,” OCR and ONC Release Model Notices of Privacy Practices (September 2013) [Author]
  • “Business Associate Definition Expanded and HHS Empowered to Impose New Civil Fines,” Compliance with Omnibus Rule Required by September 23, 2013 (September 2013) [Author]
  • “Affordable Care Act: Summary of Benefits and Coverage Required for Group Health Plans, Health Insurance Issuers and Third-Party Administrators” (September 2013) [Author]
  • “2014 Business Operations Determine How the Employer Mandate Applies in 2015” (September 2013) [Author]
  • “Omnibus HIPAA/HITECH Rules Require Changes to Notice of Privacy Practices Prior to September 23, 2013,” Must Comply with HIPAA/HITECH Rules by Sept. 23, 2013 (September 2013) [Author]
  • “Affordable Care Act: The Small Business Health Options Program Marketplace” (August 2013) [Author]
  • “U.S. Department of Health and Human Services Imposes $1.2 Million Penalty For Protected Health Information Breach Involving Leased Copiers,” HIPAA Breach Involving Leased Copiers leads to Fines for NYC Health Plan (August 2013) [Author]
  • “Affordable Care Act Prohibits Extra Health Insurance Benefits for Executives” (August 2013) [Author]
  • “New Notice Requirements under the Affordable Care Act” (August 2013) [Author]


  • “Cyber Security and Cyber Liability: Risk Management And Breach Response” HCA Bootcamp (New York, NY, July 2016) (presenter)
  • “Cybersecurity Incident Response Preparedness: Developing and Testing An Incident Response Plan” Wilson Elser-Albany Business Review (Albany, NY, May 2015) (presenter)
  • “Emerging Trends in Health Care Data Privacy, Enforcement, Privacy, Security and Breach Notification Rules” Mesirow Financial Webinar (Albany, NY, October 2015) (presenter)
  • “Updates to the FLSA White Collar Exemption” HCA Staying Ahead of Changes in Labor Law - Home Care Survival Bootcamp, (New York, NY, October 2015) (presenter)
  • “Successfully Navigating Cyber Breaches Nothing Less Thank Your Business at Stake, Risk Management and Breach Response” HCA's Corporate Compliance Symposium (Albany, NY, October 2015) (presenter)
  • “Complying with Executive Order 38, Limits on Executive Compensation and Administrative Costs” HCA (Albany, NY, June 2015) (presenter)
  • “Successfully Navigating Cyber Breaches Nothing Less Than Your Business at Stake, Risk Management and Breach Response” Wilson Elser-Albany Business Review (Albany, NY, April 2015) (presenter)
  • “Tips for Successful Relations with Managed Care Organizations” HCA CFO Forum (Albany, NY, March 2015) (presenter)
  • “Navigating Executive Order 38, Limits on Executive Compensation and Administrative Costs” HCA Conference: Home Health Legal Updates (New York, NY, December 2014) (presenter)
  • “Dissecting the Affordable Care Act” Albany-Colonie Regional Chamber (Albany, NY, September 2014) (presenter)
  • “Deconstructing the ACA: What Small to Mid-Size Businesses Need to Know” Wilson Elser-Albany Business Review Seminar (Albany, NY, July 2014) (presenter)
  • “What Every Business Leader Should Know About the Affordable Care Act” Women Presidents' Organization Industry Conference (Albany, NY, June 2014) (presenter)
  • “Doing Business with Health Care Organizations: What you MUST know about the new HIPAA requirements” Wilson Elser-Albany Business Review Seminar (Troy, NY, November 2013) (presenter)
  • “Big Data, Risk Management and The Collaboration Continuum” 2013 Network Contracting Summit (Falls Church, VA, October 2013) (presenter)
  • “The ACA, What Employers Need to Know” NYS Broadcasters Webinar (Albany, NY, September 2013) (presenter)