Stephen A. Riga

Of Counsel Indianapolis

Mr. Riga concentrates his practice in the area of employee benefits and privacy and security issues.

Mr. Riga's benefits practice includes work with funds and employers to design, maintain, merge and terminate qualified retirement plans and health and welfare plans. Mr. Riga prepares determination letters and voluntary compliance program submissions and assists employers and funds on COBRA, Medicare Part D, and HIPAA compliance. Mr. Riga evaluates contribution and withdrawal liability obligations, and identifies retirement and health and welfare plan compliance issues during due diligence, estimating potential associated costs.

Mr. Riga's privacy practice extends beyond his work with benefit plans, including consulting regarding data security and privacy law, with an emphasis on ADA, FMLA and other federal and state privacy requirements for employers. He assists clients with the development of policies and procedures for data security and privacy legal compliance, the establishment of information security standards and implementation plans, and the training of the client's workforce in privacy and security matters. Mr. Riga offers counsel regarding security incidents and breach notice requirements, data use and disclosure under the EU data privacy framework.

Mr. Riga received his J.D. from the Indiana University School of Law - Indianapolis in 2006. Originally from Los Angeles, California, Mr. Riga earned an undergraduate degree in English and History from Ball State University.

Professional Activities and Speeches

Professional Activities:

  • International Association of Privacy Professionals
  • Indianapolis Bar Association
  • American Bar Association (Taxation and Business Law Sections)
  • International Foundation of Employee Benefit Plans
  • CIPP/US (Certified Information Privacy Professional/United States)
  • CIPP/E (Certified Information Privacy Professional/Europe)
  • Co-chair of the IAPP Indianapolis KnowledgeNet Chapter


  • Indiana Chamber of Commerce Employee Benefits Seminar - ''Your Money or Your Data'' - Indianapolis - September 12, 2018
  • Indiana Chamber of Commerce Employee Benefits Seminar - ''Post-Deal Benefits and Compensation Integration Issues'' - Indianapolis - September 12, 2018
  • Ogletree Deakins Workplace Strategies Seminar - ''Your Money or Your Data! Cautionary Tales of Cybersecurity in the Benefits World'' - Phoenix - May 10, 2018
  • Indiana Chamber of Commerce Employee Benefits Seminar - ''Benefit Plan Data Security: New Threats, New Obligations'' - Indianapolis - September 19, 2017
  • GDPR Privacy Workshops, TrustArc Privacy Insight Series - ''GDPR HR Requirements & National Derogations'' - multiple locations - Fall 2017
  • Ogletree Deakins Employee Benefits and Executive Compensation Symposium - ''Benefit Plan Data Security: New Threats, New Obligations'' - Austin - March 23, 2017
  • Indiana Benefit Conference - ''Data Privacy and Security for Employee Benefit Plans'' - Indianapolis - October 18, 2016
  • Ogletree Deakins Webinar - ''Privacy and Security for Benefit Plans: To HIPAA, and Beyond!'' - October 05, 2016
  • National Business Institute - ''Keeping HIPAA-Protected Records Safe – Tips for Cautious Attorneys'' - Indianapolis - September 15, 2016
  • Indiana Chamber of Commerce Employee Benefits Seminar - ''On-site Clinics: The Modern Health Plan'' - Indianapolis - September 13, 2016
  • Indiana Chamber of Commerce - ''Benefits and FMLA'' - Indianapolis - January 21, 2016
  • Ogletree Deakins Seminar - ''The Internet of Things: Data Privacy Consideration for Employers'' - Indianapolis - October 08, 2015
  • Indiana Chamber of Commerce Employee Benefits Seminar - ''There’s More to Life than the ACA: Other Important Self-Funded Health Plan Developments'' - Indianapolis - September 15, 2015
  • Indiana Chamber of Commerce - ''Employee Benefits Update (ERISA, COBRA, HIPAA)'' - French Lick - September 11, 2015
  • Indiana Chamber of Commerce - ''Employee Benefits Update (ERISA, COBRA, HIPAA)'' - South Bend - August 14, 2015
  • Strafford Webinar - ''Data Breach in ERISA Benefit Plans: Prevention and Response'' - April 23, 2015
  • Ogletree Deakins Webinar - ''Mind the Gap: Steps Employers Can Take to Address Benefit Plan Data Breaches'' - February 17, 2015
  • Lorman - Health Care Reform for Employers: Now What? - ''HIPAA Compliance: Strategies Strategies and Action Items for Health Plans'' - Indianapolis - December 03, 2014
  • Indiana Chamber of Commerce - Employee Benefits Seminar - ''Beyond HIPAA: Protecting Data Security for All Benefit Plans'' - Indianapolis - September 17, 2014
  • Indiana Chamber of Commerce & Ogletree Deakins Annual Employee Benefits Seminar - ''Speakers Panel: ERISA at 40: Top 10 Cases for Dinner Party Conversations'' - Indianapolis - September 17, 2014
  • Indiana Chamber of Commerce & Ogletree Deakins Annual Employee Benefits Seminar - ''New Privacy Deadlines: What Must Health Plans Do by September 23, 2013?'' - Indianapolis - September 12, 2013
  • Benefits: Cost Containment, Audits and Legal Risks Virtual Conference - Webinar - ''HIPAA, HITECH, and HHS, Oh My! What Changes in the Health Privacy Regulations Mean for Employers'' - August 09, 2013
  • Chamber of Commerce Benefit Seminar - ''Preparing for Health & Welfare Plan Audits'' - Indianapolis - September 13, 2012


Published Works


Our Insights

On and On It Goes: Preventive Care Coverage Updates Under the Affordable Care Act

December 12, 2018

PODCAST: Data Breach in Brief: Knowing the Risks and Protecting Your Company

December 11, 2018

Working Party Confirms That Employers of All Sizes Must Maintain Article 30 Records of Processing for Human Resources Data

May 09, 2018

EU Regulator Discusses Enforcement Priorities for the GDPR

April 04, 2018

The Highest Risk Area for GDPR Compliance: Processing HR Data

December 04, 2017

Rubber, Meet Road: The Arduous Task of Translating Campaign-Talk into Action to Repeal (and Replace?) Obamacare

January 26, 2017

Data Security Safeguards Can Help Healthcare Employers Withstand Cyberattacks—and Government Audits

June 20, 2016

The Same-Sex Marriage Ruling: Key Employee Benefits Take-Aways

June 29, 2015

Honored in the Breach: Employer Action Items for an Insurer Data Breach

February 05, 2015

At Year End, IRS Issues Guidance On Cafeteria Plan Transitional Rules For Windsor

December 19, 2013

Early Guidance Sheds Light on Impact of United States v. Windsor on Employee Benefit Plans

September 06, 2013

HIPAA Omnibus Regulations: Protections for Genetic Information

February 04, 2013

New Final Regulations Strengthen HIPAA Privacy and Security Rules

January 24, 2013

A Tax-Favored Method Employers Can Use to Assist Employees Affected by Sandy

November 02, 2012

Hurry Up and Wait—New Waiting Period Guidance for Health Plans

September 10, 2012

What To Do with an MLR Rebate Check?

July 24, 2012