Kate Black
Partner
Healthcare Privacy and Data Innovation
In digital health and life sciences, data is essential to building the next generation of personalized health products, platforms, and technology. Companies in this space need privacy counsel that is equally fluent in technology, the health care industry, and the increasingly complex and constantly evolving regulatory environment.
Kelley Drye’s Healthcare Privacy and Data Innovation team brings deep industry knowledge across digital health, life sciences, and emerging health technologies, paired with practical tech fluency to help companies design, deploy, and scale responsibly. We translate complex legal requirements into workable product and contracting strategies—guiding clients through HIPAA and state privacy laws, novel research, product and data use questions, vendor and partnership risk, and evolving enforcement and diligence standards—so privacy accelerates partnerships, procurement, and growth rather than slowing them down.
Why Healthcare Privacy and Data Innovation Matters
Many healthcare, life sciences, and technology companies operate at the intersection of regulated health data, sensitive consumer data, advertising, and emerging technologies. Depending on the business model, data may be subject to HIPAA, HITECH, FTC consumer protection standards, human subjects research rules, and a growing patchwork of state privacy and AI laws—usually several at the same time.
The increased popularity of digital health tools, telehealth, wellness applications, AI driven health solutions, and data partnerships has expanded regulatory, commercial, and litigation scrutiny. Data incidents, vendor relationships, and marketing practices involving health related information can raise issues quickly—even for companies that do not consider themselves part of the traditional healthcare system.
Who We Work With
We advise a broad range of clients across the health and wellness sector, including:
- Consumer health and wellness companies, such as companies offering direct-to-consumer health technology, genetic testing, dietary supplements, and wearable health devices
- Digital health, telehealth, and mental health companies
- Biotechnology, pharmaceutical, clinical labs, and life sciences companies
- HIPAA-covered entities, including health plans, health insurers, and healthcare companies handling protected health information
- Technology companies delivering AI, retail media, and data analytics products and services, including those focused on health
Our experience spans organizations of all sizes, from early stage developers to large, multinational enterprises, and reflects the operational realities of building, scaling, and commercializing in a highly regulated space that also faces competitive pressures.
Our Healthcare Privacy and Data Innovation Services
Compliance Counseling
We help clients understand and operationalize compliance obligations under HIPAA, HITECH, the FTC Act, the Federal Common Rule, and comprehensive and sector specific state privacy and AI laws. Our guidance is grounded in how data is collected, used, and shared in practice—not abstract models that fail under real world conditions.
Regulatory Defense and Investigations
We represent healthcare, life sciences, and other industry clients in regulatory inquiries and enforcement matters involving privacy, data security, and consumer protection. Our team supports efficient, strategic responses that take account of business priorities and long-term regulatory relationships.
Data Use and AI Strategy
Health data is central to scientific research, personalized medicine, patient care innovation, and AI enabled products. We help clients develop data use strategies that responsibly unlock value while managing privacy and security risk. This includes negotiating data sharing and partnership agreements and advising on the evolving regulatory landscape governing AI technologies used in clinical, research, and healthcare settings.
Contracting and Vendor Management
We routinely draft and negotiate business associate agreements, data processing terms, privacy and data security provisions, and AI related contract addenda. Our team also develops contract playbooks and benchmarks market practices to anticipate negotiation friction points and promote consistency across enterprise agreements.
Product and Go-to-Market Counseling
We work closely with in house legal, product, engineering, and compliance teams to address privacy, data access, and consumer protection considerations for new products and services. Our goal is to support compliant launches and continued innovation while managing regulatory risk across healthcare, advertising, and technology frameworks.
Litigation
We defend clients in litigation involving health and consumer data, including class actions arising from data incidents, vendor relationships, tracking technologies, and marketing practices. We regularly address alleged violations of HIPAA and state privacy laws, including actions brought by plaintiffs’ firms seeking to build on state attorneys general investigations and enforcement priorities.
Integrated Support
Privacy and data security issues in healthcare rarely exist in isolation. Questions about health data often intersect with digital advertising, consumer protection, and the risk of regulatory scrutiny or litigation. Our team collaborates closely with colleagues across the firm—including our Advertising and Marketing, FTC and State Attorneys General, and Consumer Class Action Defense practices—to address these issues in a coordinated way.
Alysa Z. Hutnik
Partner
Aaron J. Burstein
Partner
Lauri A. Mazzuchetti
Partner
Paul L. Singer
Partner
Whitney M. Smith
Partner
Laura Riposo VanDruff
Partner
Mason Fitch
Special Counsel
Céline Guillou
Special Counsel
Alexander I. Schneider
Special Counsel
Stephanie A. Carroll
Senior Associate
Austin J. Del Priore
Senior Associate
Andrea deLorimier
Senior Associate
Meaghan M. Donahue
Associate
Frances McDonald
Associate
Speaking Engagement
Speaking Engagement
- | New York, NY
Speaking Engagement
Speaking Engagement
