Gates, Melodi (Mel) M.

Melodi M. Gates

Senior Associate

Mel Gates counsels clients in data privacy, cybersecurity and regulatory compliance matters, helping organizations achieve an effective balance between data protection and business capabilities.

She holds a Certified Information Privacy Professional (CIPP/US) certification from the International Association of Privacy Professionals (IAPP). Mel has experience with healthcare clients ranging from small physician practices to state health information exchanges in developing policies, training employees, and meeting HIPAA and HITECH obligations. She also counsels a variety of service providers and others who handle protected health information, including the organizations that support Colorado’s state-designated health information exchange (HIE) and all payer claims database (APCD). Her work includes contract development, negotiation, and review.

Mel has facilitated information security and privacy policy development, compliance process management, and workforce training for clients across multiple industries, including service providers, community organizations, and others subject to a variety of industry standards and sector-specific privacy and data protection regimes, with which she is well-versed from both legal and operational perspectives. She also assists clients with understanding the causes and implications of data breaches, hack attacks and other security incidents and provides counsel on notification requirements and other breach response obligations, as well as proactive preventive measures.

Mel worked in telecommunications and information technology for more than twenty years prior to joining the legal field. Most recently, she served as chief information security officer (CISO) for Qwest Communications. In her seven-year tenure as CISO, Mel held a “top secret” security clearance, managed information security controls around the world and created a specialized team of technology professionals dedicated to protecting enterprise and customer assets.

Mel has made numerous television, radio and event appearances, including on CBS’ “Early Show” and “The Montel Williams Show,” and has spoken at industry events such as the Rocky Mountain Information Security Conference. She has written several articles on the topics of privacy and information security and co-authored an article featured in the Albany Law Journal of Science & Technology in 2010. Mel is also a joint patent holder of the Method and System for Authenticating and Auditing Access by a User to Non-Natively Secured Applications, issued in 1998.



  • University of Denver, Sturm College of Law, J.D., Order of St. Ives, 2011
  • University of Colorado, M.S., 1995
  • California State University, Long Beach, B.S., with distinction, 1986


  • Colorado
  • U.S. Patent and Trademark Office

Memberships and Affiliations

  • Member, Department of Homeland Security Data Privacy and Integrity Advisory Committee 
  • American Health Lawyers Association 
  • International Association of Privacy Professionals 
  • Information Systems Audit and Control Association, Certified Information Security Manager (non-practicing status)

Publications, Speeches, Presentations

  • Panelist, “Super Secret Stuff: Keeping Things Safe in a World of Technology Openness,” Continuing Legal Education, University of Colorado Law (October 25, 2014)
  • Speaker, “Cybersecurity & Privacy Law for Practitioners – Obligations & Trends,” SecureWorld Denver 2014 (October 16, 2014)
  • Guest, “White House ‘Big Data’ Report on Privacy and Security Issues,” Capital Thinking Radio Show (May 15, 2014)
  • Guest, “Federal Trade Commission Developments Relating to Privacy Protection and the Heartbleed Bug,” Capital Thinking Radio Show (April 17, 2014)
  • Guest, “Student Privacy Issues,” Capital Thinking Radio Show (April 3, 2014)
  • Guest, “The Impact of the NIST Cybersecurity Framework on the Health Care Sector,” Capital Thinking Radio Show (March 13, 2014) 
  • Speaker, “Cybersecurity Impacts on the Health Care Sector: More Than Just HIPAA/HITECH,” Patton Boggs Webinar (February 26, 2014)
  • Panelist, “What Happens in Colorado…Take Aways for Strong Reporting Programs,” NAHDO 28th Annual Conference, “Health data Summit:: Reaching New Heights and Pushing New Boundaries to Transform Health and Health Care,” Denver, CO (December 12, 2013)
  • Speaker, “Recent Developments and Trends in Cybersecurity & Privacy Law,” SecureWorld Conference (November 5, 2013)
  • Speaker, “Data Privacy and Security,” Health Care Compliance Association Mountain Region Annual Conference, Denver, CO(October 25, 2013)
  • Guest, Cyber Insurance, Capital Thinking Radio Show (September 19, 2013)
  • Co-author, “Health Care Law Roundtable: An Update on the Medicare Shared Savings Program,” The Advisory Board General Counsel Agenda (June 2013)
  • Guest, Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act, Capital Thinking Radio Show (February 28, 2013)
  • Co-author, “The FTC Privacy Report and the White House Consumer Privacy Bill of Rights: Policymaking Trends and What you Need to Know in 2013,” International Journal of Mobile Marketing (Winter 2012)
  • Co-leader, “Health Information Exchanges: Evolving Legal and Regulatory Challenges” Strafford Webinar (November, 20, 2012)
  • Guest, Capital Thinking Radio Show (October 4, 2012)
  • Co-author, “The FTC Privacy Report: What the Report Means and how you Can Get Ahead of Enforcement Trends by Implementing Best Practices Now," International Journal of Mobile Marketing (Summer 2012)
  • Co-author, “FCC Chairman Hosts Summit for Mobile Health (mHealth),” Patton Boggs Healthcare Regulatory Alert (June 6, 2012)
  • Contributor, Accountable Care Organization Member Briefing, American Health Lawyers Association (AHLA) (May 2012)
  • Co-author, “Empowering Your Information Security & Data Protection Program Through Facilitated Policy,” ACC Docket (March 2012)
  •  Guest, Capital Thinking Radio Show (March 8, 2012) 
  • Podcast contributor, “Tips for Using Encryption Wisely,” (January 9, 2012) 
  • Speaker, “Navigating the Safe Harbor of Encryption Protections,” ACI’s Health Care Information Privacy and Security Forum (December 6, 2011)
  • Guest, Capital Thinking Radio Show (December 1, 2011) 
  • Co-author, “Chasing the Clouds Without Getting Drenched: A Call for Fair Practices in Cloud Computing Services,” University of Florida Levin College of Law, Journal of Technology Law & Policy, Volume 16, Number 2 (December 2011)
  • Co-author, “Privacy and Security Under the Microscope--Details About the Upcoming HIPAA Audits and How You Can Prepare,” American Health Lawyers Association’s HIT News (November 2011)
  • Co-author, “Beyond HIPAA’s Moving Target: White House Releases Cybersecurity Blueprint,” BNA Health IT Law & Industry (August 8, 2011)
  • Co-author, “The Proposed ACO Rules' Impact on HIT: Is Your EHR Vendor Ready?” Daily Briefing, (July 7, 2011)
  • Co-author, “Proposed ACO Rule: EHR Initiatives and Privacy and Security Implications,” BNA Health IT Law & Industry (May 9, 2011)
  • Co-author, “White House Cybersecurity Legislative Initiative will Significantly Impact Government Contractors,” Patton Boggs Cybersecurity: Government Contractors Client Alert (June 16, 2011)
  • Co-author, “Cybersecurity Reform and Regulations on the Horizon,” Patton Boggs Homeland Security Client Alert (June 7, 2011)
  • Co-author, “Lookout! FTC Cases Give Guidelines for Data Security: Ceridian Corp. and Lookout Services, Inc.,” Patton Boggs Privacy Client Alert (May 19, 2011) 
  • Co-author, “Proposed ACO Rule: EHR Initiatives and Privacy and Security Implications,” Patton Boggs Health Care Client Alert (April 8, 2011) 
  • Co-author, “Hacker Attacks on Corporate Databases—What Every Company Needs to Know,” Patton Boggs Privacy Client Alert (April 8, 2011) 
  • Co-author, “Bit-Wise But Privacy Foolish: Smarter E-Messaging Technologies Call for a Return to Core Privacy Principles,” Albany Law Journal of Science & Technology, Volume 20 (Number 3, 2010)
  • Ranked in “Privacy & Data Security,” Nationwide, Chambers USA (2013, 2014)
  • Received Faculty Prize for Highest GPA in Class of 2011, University of Denver, Sturm College of Law
  • Named Tech Exec Network’s Information Security Executive of the Year™, West (2006)

{{}} {{insights.source}} {{insights.type}}