EXPERIENCED MEDICAL DEVICE ATTORNEY IN MINNESOTA

The medical device industry is constantly changing and growing with new entrants into the market at an ever expanding rate.  The proliferation of medical device manufacturers is fueled not only by start-up businesses but also by the expansion by many established corporate names into the robust medical device market.

Medical device manufacturers must be ever more vigilant against the risks posed by possible cyber-attacks and privacy breaches. Devices, ranging from health apps on a smartphone to insulin pumps and pacemakers, are increasingly being web-enabled (connected through the internet) which makes them susceptible to data interception and cyber threats. If exploited, these vulnerabilities can result not only in data breaches but conceivably in fatalities to people relying on such essential medical devices. Recently the FDA issued new guidelines for data security in medical devices requiring that stricter security measures be implemented before medical devices come to market.

HOW I SERVE MEDICAL DEVICE CLIENTS

At Innova Law Group, I bring my extensive experience in privacy and data security to my medical device clients.  I have worked with medical device clients to assess and mitigate the potential risks to patient privacy as well as data security created by emerging medical device technology.  I am passionate about providing informed and realistic guidance to my medical device clients that will truly serve to encourage innovation and growth as well as protect the patient population.

• Advise clients on best practices for the collection, maintenance, and sharing of high-risk data as well as risk mitigation to help avoid breaches and cyber intrusions.

• Assist my clients to comply with the constantly evolving, industry-specific privacy and data protection regulatory requirements.

• Provides guidance regarding privacy and data protection implications associated with the manufacture and sale of web-enabled and accessible medical devices.

• Assist clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, and social media policies, practices and procedures.

• To perform gap analysis and risk assessments of data loss prevention and compliance programs including development of travel policies, discovery protocols and technology deployment.

• Guidance into investigation and implications of unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by internal and external actors.

• Advise clients on a wide range of privacy and security issues under the HIPAA (including the Privacy Rule, Security Rule, and Breach Notification), HITECH, state privacy laws and applicable international privacy laws, such as the EU General Data Protection Regulation (GDPR).