McDermott is a leading provider of legal advice regarding regulatory and transactional issues raised by the development and implementation of big-data strategies and platforms. We use a multidisciplinary approach to identify the goals and address the legal needs of clients with valuable data assets. This coordinated methodology distinguishes us from other firms that may view data solely as a regulatory or intellectual property concern.
Our team advises data sources and data aggregators on the myriad data privacy and consumer protection law compliance issues raised by the collection, aggregation and use of personally identifiable information and other data from consumers, customers or other data sources. For example, we routinely help clients implement data strategies consistent with the regulatory requirements and expectations of the Federal Trade Commission (FTC) and other federal and state regulators.
Our team advises data sources in connection with agreements for which the primary purpose is the licensing of rights to aggregate and use data. We also counsel clients on service and other agreements where the vendor requests data rights for secondary data uses, and on the following:
Research compliance, research program structure, and operational and compliance infrastructure
Complex research affiliation agreements and arrangements
Scientific review and research misconduct proceedings and investigations (internal and with government involvement)
Biobanking and registry development and compliance, including emerging issues involving the future, unspecified use of biospecimens and genomic data
Development and implementation of data-sharing strategies and platforms to achieve business objectives, particularly in connection with biomedical innovation, health care reform, electronic health record implementation and quality assurance requirements
Data privacy, data mapping and data use strategies for mobile apps and other mHealth and digital technologies
Advised an EHR vendor with the creation and deployment of de-identified health data sets from patient information, including drafting HIPAA de-identification opinions, developing data de-identification policies and procedures, and negotiating agreements with pharmaceutical and biotech companies seeking access to de-identified data sets
Advised a large informatics company on developing a research data acquisition and analysis platform that included federally and privately sourced data
Advised a US manufacturer of industrial products on the privacy implications of selling and remotely operating smart devices in the EU