Thora A. Johnson

Johnson Thora

Thora Johnson is co-chair of Venable's Employee Benefits, Executive Compensation, and Health Group. Thora provides counsel on regulatory, compliance, tax, and business matters that are impacting healthcare providers, hospitals, continuing care retirement communities, health insurers, group health plans, pharmaceutical and medical device companies, and health IT companies.

Thora has extensive experience with both the traditional and the ever-challenging healthcare regulatory landscape, including: 

  • The Health Insurance Portability and Accountability Act (HIPAA) privacy, security, and breach notification requirements
  • Part 2 confidentiality requirements applicable to substance abuse records
  • State health information privacy laws
  • Medicare/Medicaid compliance
  • Federal and state fraud and abuse rules
  • Federal and state healthcare coverage continuation laws
  • Mental Health Parity and Addiction Equity Act (MHPAEA)
  • Genetic Information Nondiscrimination Act (GINA)
  • The HIPAA nondiscrimination rules and the Americans with Disabilities Act (ADA) regulations applicable to employer wellness programs 
  • Affordable Care Act (ACA) compliance
  • Regulatory requirements of the Employer Retirement Income Security Act (ERISA), the Internal Revenue Code, HIPAA, and the ACA as they apply to employer health plans


Representative Matters

Confidentiality of Health Information

  • Regularly structures HIPAA compliance and incident response programs for healthcare providers, health plans, and their business associates
  • Often provides guidance on the intersection of HIPAA, Part 2, and state laws governing the confidentiality of medical records
  • Represented a large health insurance company in negotiating and implementing a HIPAA Resolution Agreement and Corrective Action Plan with the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR)
  • Represented covered entities and business associates in Phase 2 HIPAA desk audits
  • Regularly represents covered entities and business associates in resolving complaints with the regional offices of OCR
  • Helps clients with investigating and responding to potential privacy and security incidents, including preparation of risk assessments and notices to affected individuals and OCR
  • Works with clients establishing medical registries and running research studies

Health and Welfare Plan Compliance

  • Advises employers on how ACA legislation affects their health plans, including how to provide ACA-compliant health coverage to avoid penalties, report offers of health coverage, appeal eligibility determinations made by the health insurance exchanges and employer mandate penalties being assessed by the IRS, and comply with disclosure obligations
  • Provides day-to-day advice on health and welfare compliance to employers, including drafting plan documents, summary plan descriptions, and summaries of benefits and coverages; and negotiating administrative service agreements
  • Counsels employers on alternative means of providing healthcare, including onsite medical clinics and private exchanges
  • Serves as counsel in lawsuits brought against health plans and health insurers by out-of-network providers under ERISA
  • Provides guidance to association health plans on applicable rating rules and mandates under the ACA and state law

Other Healthcare Regulatory Compliance

  • Advises on Section 1557 nondiscrimination requirements applicable to certain healthcare providers, health insurers, and group health plans
  • Provides counsel on meaningful use, interoperability, and care quality improvement initiatives 
  • Represents multiple clients regarding their compliance obligations as First Tier, Downstream, and Related Entities (FDRs) to Medicare Advantage and Medicare prescription drug plans
  • Counsels wellness companies on a wide variety of complex regulatory and corporate issues, including HIPAA, the ACA, regulations on wellness programs issued under the ADA, Medicare and Medicaid compliance, and other miscellaneous federal and state regulatory matters, such as cost transparency laws
  • Provides counsel on meaningful use, interoperability, and care quality improvement initiatives 
  • Counsels a multinational financial services company regarding the federal and state fraud and abuse implications of a transaction with a large healthcare provider

Thora is also experienced in employee benefits, executive compensation, and nonprofit tax matters.




  • J.D. with honors University of Maryland School of Law
  • M.A. Middlebury College
  • B.A. magna cum laude Brown University
  • Phi Beta Kappa

Bar Admissions

  • Maryland
  • District of Columbia

Professional Memberships and Activities

  • Member, American Bar Association, Tax Section
  • Member, American Health Lawyers Association
  • Member, District of Columbia Bar Association, Tax Section
  • Member, Healthcare Compliance Association
  • Member, Maryland State Bar Association Health Law Section and Study Group for Employee Benefits
  • Member, board of directors, Health Care for the Homeless and chair of the Compliance and Risk Committee
  • Member of the Maryland Board for the American Diabetes Association
  • Member, board of directors, The Robert Garrett Fund at Johns Hopkins University, an organization supporting the pediatric surgical program at Johns Hopkins


  • The Best Lawyers in America, 2016 – 2021
  • The Best Lawyers Business Edition, Women in the Law, Employee Benefits (ERISA) Law, 2017 – 2019
  • Chambers USA, Employee Benefits and Executive Compensation (Band 1), Maryland, 2017 – 2020
  • Legal 500
    • Labor and Employment – Employee Benefits, Executive Compensation and Retirement Plans: Design, 2014 – 2020
    • Not-for-Profit (Nonprofit and Tax Exempt Organizations), 2015 – 2016



  • Member, leadership board, American Diabetes Association
  • Member, board of directors, Healthcare for the Homeless, an organization providing comprehensive healthcare services and supportive services to people experiencing homelessness