Understand privacy and data security requirements.

We help companies assess the impact of privacy laws and regulations. Manufacturers are exposed to sensitive information every day. Exposure occurs when performing research, helping patients gain access to therapy, covering cases, and visiting customers, among others.

Looking for a place to start?

See our latest Alerts.

Learn more about information on recent changes to the AdvaMed Code.


For more information, see our latest Alerts.

Representative matters:

  • Reviewing for compliance with HIPAA, HITECH, FTCA, GDPR and CCPA
  • Auditing reimbursement support programs and hubs
  • Responding to requests for manufacturers to sign Business Associate Agreements
  • Reviewing drug and device manufacturer commercial field activities for privacy compliance
  • Helping design privacy-compliant marketing programs
  • Auditing DME makers
  • Counseling manufacturers on the application of the Treatment, Payment and Operations exception
  • Privacy training
  • Case coverage training for field staff
  • Drafting patient authorization and informed consent agreements
  • Counseling manufacturers on how to avoid becoming a Business Associate or Covered Entity
  • Designing, drafting, and implementing privacy policies and procedures
  • Creating remediation plan for breach of patient Protected Health Information (PHI)
  • Assisting manufacturers with matters involving clinical trials and use of patient data
  • Assessing the application of the Privacy Rule in light of conflicting mandated FDA requirements

Gardner Law's Privacy Team