Spotlight on Paul Rothermel: Attorney, Technologist, Privacy Leader & Mentor

At Gardner Law, we believe the people behind our work deserve to be seen. Today, we spotlight Paul Rothermel, an attorney whose deep experience in privacy, cybersecurity, and health care compliance makes him a trusted guide through evolving legal landscapes.

His lifelong fascination with computer technology started in his parents' basement watching his dad, an electrical engineer, build the family computer in the 1990s. Now, Paul’s practice centers on applying privacy and cybersecurity laws to the life sciences and health care sectors. At Gardner, he advises health care clients, including medical device, biotechnology, and pharmaceutical manufacturers, on HIPAA, GDPR, CCPA, and other state, federal, and international privacy regimes. He helps them design and implement robust data protection programs, stay abreast of new and emerging data laws, negotiate agreements with customers and vendors, perform due diligence, manage data security and privacy risk, and navigate the intersection of health data and emerging technologies.

Before joining Gardner, Paul worked for Medtronic, consulting on data protection and privacy for innovative technologies, clinical research, and vendor risk management. Prior to that, he counseled government health care and human services programs on privacy and cybersecurity matters. He is credentialed as a Certified Information Privacy Manager (CIPM) and licensed attorney.

Clients rely on Paul for practical, business-oriented legal counsel, especially when privacy, cybersecurity, technology, health data, and compliance risks collide. He’s regularly published on regulatory and cybersecurity issues and presented on hot topics like AI’s intersection with HIPAA in medtech.

Paul enjoys spending time with his wife and two boys – camping, attending concerts, and, as a long-suffering Minnesota sports fan, at various sports events. He is an avid French horn player and finds time to play basketball and other sports when he can. He and his wife also volunteer together with a non-profit, Together for Good, which works to keep families together through difficult circumstances.

Clients appreciate Paul’s deep knowledge of privacy and cybersecurity laws, thought leadership on new and emerging privacy issues in medtech, ability to simplify complex issues, and willingness to collaborate with a broad range of stakeholders, including marketing, IT, engineering, sales, finance, quality, regulatory, and other disciplines.

Want to see Paul in action or learn how his team can help with your privacy, cybersecurity, or health data challenges? Register to see Paul’s contributions to our free online and in-person event, Navigating What’s Next: AI, Compliance, and Regulation in Life Sciences. Paul will moderate a panel discussion on AI in the life sciences and share a joint U.S./E.U. privacy, data protection and AI update with Oliver Süme of Fieldfisher.