Gulick, Stacey L.

vCard  ·   eMail  ·  Print Bio

Stacey L. Gulick


111 Great Neck Road, Great Neck, NY 11021
P: 516-393-2264

411 Hackensack Avenue, 5th Floor, Hackensack, NJ 07601
P: 201-883-1030


Compliance and White Collar Defense
E-Health & Telemedicine
Health Care
HIPAA Compliance
Health Care Information and Technology

St. John's University School of Law
(J.D., 2001)
University of Pittsburgh
(B.A., 1991; MBA/MHA, 1994)

New York

New Jersey

New York Supreme Court, Appellate Division
New Jersey Supreme Court

New Jersey Super Lawyers Rising Star - 2012, 2013

New York Bar Association (Health Law Section)
New Jersey Bar Association (Health Law Section)
American Bar Association
Pennsylvania Bar Association
American Health Lawyers Association

A Partner at Garfunkel Wild, P.C., Stacey L. Gulick joined the firm in 2001 and is the Co-Chair of the firm’s HIPAA Compliance Practice Group and a member of the Health Care, Health Care Information and Technology and Compliance and White Collar Crime Defense Practice Groups.

Ms. Gulick has extensive experience in health care administration, having worked as a medical staff coordinator, risk manager and compliance officer for several years prior to becoming an attorney.  Her practice includes representation of healthcare providers and their business associates in implementation of HIPAA compliance programs, OCR investigations, HIPAA Breach responses, and various cyber security and interoperability issues.  Ms. Gulick also provides guidance to various healthcare entities including healthcare systems, hospitals, ambulatory surgery centers, Federally Qualified Health Centers and health information exchanges on Federal and State regulatory requirements and accreditation standards.  Ms. Gulick frequently speaks and publishes on HIPAA-related issues, cyber security, risk management and medical staff bylaws.

She received her B.A., Masters in Business Administration and Masters in Health Administration in 1991 from the University of Pittsburgh and her J.D. from the St. John's University School of Law in 2001.

Speeches and Events

  • "Is TeleHealth in your Future?" Fairfield County Medical Association, Norwalk, CT (May 10, 2017)
  • “HIPAA Update” HFMA (New York Chapter) 2016 Annual Legislative Update, Fishkill, NY (September 22, 2016)
  • “Medical Record Requirements and Protection” Fairfield County Medical Association Education Program sponsored by Cushman & Wakefield, Norwalk, CT (September 14, 2016)
  • “Avoid Costly HIPAA Fines” Home Health Services Association of NJ, Edison, NJ (June 16, 2016)
  • "HIPAA Security Breaches and Enforcement (i.e., what it really costs to manage a HIPAA violation)" HFMA's (Connecticut Chapter) 2016 Legal Playbook: Best Practices to Keep Your Healthcare Operations on the Winning Side Seminar, Wallingford, CT (February 23, 2016)
  • “HIPAA Enforcement, Private Sector Threats, and Breach Response,” Fairfield County Medical Association Education Program, Norwalk, CT (January 26, 2016)
  • “Disruptive Behavior and Reporting Obligations” Rutgers, New Jersey Medical School and Center for Continuing and Outreach Education at Rutgers Biomedical and Health Sciences, North Bergen, NJ (November 4, 2015)
  • “Emerging Legal Issues in Electronic Medical Records:  Access and Confidentiality,” Pace Law School CLE Program, White Plains, NY (November 6, 2014)
  • “The New HIPAA Omnibus Final Rule,” Teleconference for the National Business Institute (November 18, 2013)
  • Implementing New HIPAA-HITECH Requirements, New Jersey Society of Certified Public Accountants Health Care Conference, Iselin, NJ (September 27, 2013)
  • "Help Get Your Medical Practice Compliant with the Final 2013 HIPAA/HITECH Regulations," Fairfield County Medical Association Seminar, Norwalk, CT, (September 12, 2013)
  • HITECH for Health Care Attorneys - 2012 Webcast, New York State Bar Association, Albany, NY (December 7, 2012)
  • HIPAA Privacy & Security - OCR Performance Audits of Hospitals, Metropolitan New York Chapter Healthcare Financial Management Association (HFMA) Fall Academy, Uniondale, NY (October 24, 2012)
  • Possibilities and Pitfalls in Exchanging Electronic Patient Data with Other Providers and Payors, NYAHSA (New York Association of Homes and Services for the Aging) Annual Conference and Exposition, Saratoga Springs, NY (June 21, 2011)
  • Healthcare Providers - Statutory and Regulatory Issues, New York State Bar Association, New York, NY (April 9, 2010)
  • OMIG & HIPAA: HITECH Seminar, Pharmacists Society of the State of New York, March 18, 2010 (Getzville, NY)
  • Health Care Reform:  Now What?, New York State Bar Association's 2010 Annual Meeting, Health Law Section, New York, NY (January 27, 2010)
  • Informed Consents, NJSOM Annual Conference, Atlantic City, NJ (October 8, 2009)
  • Red Flag Rules Concerning Identity Theft, New Jersey Society of Oncology Managers, Princeton, NJ (April 3, 2009)
  • Portable Devices, Enforcement, Complaints -- The New Focus of HIPAA, HFMA Metro NY Chapter (July 20, 2007)


  • "Be Prepared: Enforcement of the New HIPAA Rules" Journal of the American College of Radiology (Vol. 10, Issue 10, pgs. 733-735) September 2013
  • To Text or Not To Text?, Journal of the American College of Radiology, June 2012
  • Preparing for Electronic Communication in Health Care, Garden State Focus, (Co-authored with Andrew Blustein) Vol 58, Num 3, November/December 2011
  • Risks Health Care Professionals Face With Social Media -Think Before you Tweet, Corporate Compliance Insights, April 27, 2011
  • Social Media: A Brave New World for Doctors, Journal of the American College of Radiology, May 1, 2011
  • Practical Implications of HITECH, New Jersey Law Journal (September 13, 2010), Volume 201, Number 11
  • Justifiable Action, Inside Healthcare, March 26, 2009
  • Protecting Ownership of Patient Information, Behavioral Healthcare, December 2007
  • Practical Privacy, Health Executive, September 2007
  • Federal Guidance Outlines Requirements for Use of Portable Devices, Journal of the American College of Radiology, August 2007
  • Legitimate Lease Arrangement or Suspect Joint Venture?, Journal of the American College of Radiology, June 2007
  • Compliance Programs - Serious Business for Healthcare Providers, Journal of the American College of Radiology, April 2007
  • Deficit Reduction Act Heightens Corporate Compliance Requirements for Medicaid Providers, New Jersey Lawyer Magazine, February 2007
  • When You Receive a Complaint: Ten Tips for Conducting an Internal Investigation, Compliance Today, November 2006
  • Use and Disclosure of PHI for Training Purposes, Health Information Compliance Insider, October 2006
  • Outside Counsel Must Know What You Need from Them, Healthcare Risk Management, October 2006