Andrew Elbon practices in the areas of employee benefits and executive compensation and provides counsel to clients on the HIPAA privacy and security regulations and the HITECH Act as they apply to group health plans and other covered entities and business associates. His practice focuses especially on the design and administration of employee pension and welfare benefit plans. With significant experience in drafting both qualified and nonqualified retirement plans, Andrew assists with documentary and operational compliance and satisfying ERISA notice, reporting and other fiduciary requirements. He advises employers with respect to the administration of qualified and nonqualified plans and regularly works with employers regarding the correction of operational errors under qualified retirement plans, including the submission of corrections under the Employee Plans Compliance Resolution System of the IRS.
Andrew counsels and assists group health plan administrators with the inventory of existing uses and disclosures of protected health information and with the establishment of policies and procedures that are required by the HIPAA privacy and security rules. He advises covered entities and business associates with compliance obligations under HIPAA and HITECH, including the drafting and negotiation of business associate agreements and the reporting and notification requirements of breach notification rules. Representing both large and small public and private companies, Andrew counsels clients on the design and operation of nonqualified deferred compensation plans, including salary deferral arrangements, SERPs, stock-based compensation plans, and individual executive benefit and severance agreements. He also has extensive experience in compliance issues arising from such arrangements under Code Section 409A.
Andrew helps employers with benefit plan issues specific to the merger and acquisition of companies, including qualified retirement plan mergers and terminations and group health plan privacy and security issues under HIPAA and HITECH.
Cybersecurity and Privacy | Employee Benefits and Executive Compensation | Health Information and Technology, Privacy, and Security
© Bradley Arant Boult Cummings LLP, 2021