Julia Hesse has been listed in Chambers USA, Best Lawyers in America, and named a Massachusetts Super Lawyers Rising Star. She is the past co-chair of the Boston Bar Association Health Law Section.
Healthcare Transactions: advises private equity, venture capital and strategic investors regarding healthcare diligence, regulatory and transactional issues. Ms. Hesse analyzes regulatory issues arising in the context of corporate transactions, works with investors to assess risk related to healthcare regulatory and compliance issues, structures transactions to comply with regulatory requirements and provides advice in connection with government investigations and compliance remediation.
Health IT: advises businesses on Health IT issues, including providing advice related to privacy and security issues, patient medical records, electronic prescriptions, health information exchange between and among providers, and the use of data and analytics to measure quality of care for reimbursement purposes. In addition, she advises on the emerging issue of HIT as a measurable quality measurement for Medicare, Medicaid and private plan reimbursement. Ms. Hesse also assists health IT providers in developing privacy and security compliance programs. She assists clients in evaluating potential HIPAA breaches and in securing patient information, evaluating whether notice of the breach is required and developing mitigation strategies when a violation has occurred.
Dental Support Organizations: is a leading national authority on the regulation of dentists and dental support organizations. Advises on the unique structural and regulatory issues for investors in the dental space.
Regulatory Matters: counsels a broad range of healthcare clients regarding regulatory matters such as fraud and abuse, self-referral laws, licensing, compliance, insurance, HIPAA/HITECH and state law privacy and data security issues, including data breach issues. Ms. Hesse works with many types of healthcare organizations, including licensed healthcare providers, health IT companies, pharmaceutical and medical device companies, and accountable care organizations.
Privacy & Data Security: counsel public and private companies and medical institutions on a full range of security and privacy issues including: creating effective privacy policies, including online policies for websites; meeting privacy and security compliance requirements across multiple jurisdictions; ensuring conformity with standards for personal information storage and use; and reporting data breaches.
Healthcare Regulatory Matters
- Routinely provide strategic advice and regulatory review of proposed ownership and compensation arrangements between providers and physicians to achieve business goals while ensuring compliance with Stark Law and federal and state anti-kickback rules.
- Counsel university and academic medical centers related to conflict of interest issues, including those relating to conflicts of interest in research, and advise about implementation of programs to monitor compliance with an institution’s conflict of interest policies.
- Routinely counsel business organizations and healthcare providers about privacy and data security compliance, including review and revision of policies and conducting audits focused both on HIPAA and state law.
- Extensive experience in data security matters, including acting as lead counsel to institution in addressing data breaches.
- Routinely advise on research compliance matters, including scientific misconduct investigations and advised on the development of research programs in community physician practices.
- Routinely negotiate managed care contracts on behalf of institutional providers and physician groups.
Private Equity/Corporate Transactional Matters
- Advise private equity and other public and private companies in the context of mergers and acquisitions. Routinely work in teams with other subject area experts (such as IP, real estate and tax) and provided oversight for other attorneys to effectuate complex corporate transactions.
- Leading national expert on regulations affecting dentists and dental support organizations.
- Routinely provide extensive corporate and regulatory review on behalf of private equity firms’ and investment banks’ acquisition of interests in a variety of entities in the healthcare sector.
- Routinely advise on corporate formation and governance matters for both for-profit and not-for-profit institutions.
Life Sciences/Human Subjects Protection/FDA Regulatory Matters
- Provide advice to institutional providers and pharmaceutical and biotech companies related to FDA regulations.
- Routinely draft, review and negotiate clinical trial agreements on behalf of institutional providers and pharmaceutical and biotech companies.
- Routinely draft, review and negotiate a broad range of agreements on behalf of pharmaceutical and biotech companies, including agreements for and with Contract Research Organizations, clinical laboratory services, and consulting arrangements.
- Review and update human subjects protection program policies and procedures on behalf of hospitals, for-profit IRBs and universities; assisted in AAHRPP accreditation process.
Publications and Presentations
- “Evolving Theories in HIPAA Enforcement,” panelist, AHLA Annual Meeting, June 2019.
- “Let’s Get Real: Targeting Legal Risk and Threat Intelligence,” speaker, HIMSS19, Orlando, February 2019.
- “Assessing IoT Risks in Healthcare Environments,” speaker, HealthcareInfoSecurity.com Podcast, February 2019.
- "How are Delivery Systems Changing to Meet Quoting and Value Expectations," moderator, Harvard School of Dental Medicine, Leadership Forum, September 2018.
- "Privacy Developments Within the Life Sciences Industry," moderator, Boston Bar Association Life Sciences Conference, September 2018.
- “Health data privacy: How the GDPR will impact EU and US healthcare providers?” speaker, IBA World Life Sciences Conference, Boston, June 2018.
- “Let’s Get Real: Creating a Practical Data Security Program,” speaker, HIMSS18, Las Vegas, March 2018.
- "Why hospitals must focus on risk assessments, breach response to strengthen cybersecurity," quoted, Healthcare IT News, January, 2018.
- "Data Security: Threat Assessment in the Ransomware Era,” speaker, HIMSS17, Orlando, February 2017.
- “Regulatory Developments,” panel moderator and conference co-organizer, Conference for Dental Service Organizations, New York, October 2016 and October 2015.
- "HIPAA Violations: Taking a Proactive Approach to Guard Against Them," quoted, Dentist's Money Digests, November 2016.
- “Data Security: Stepping Up Your Game and Assessing Threats,” speaker, HIMSS16, Las Vegas, March 2016.
- “Best Practices in HIPAA Security Risk Assessment,” moderator, HIMSS Privacy & Data Security Forum, Boston, December 2015.
- “Certificates of Confidentiality: When Why and So What,” speaker, Public Responsibility in Medicine and Research 2015 Social, Behavioral and Educational Research Conference, Boston, November 2015.
- "Five Years Later- The Next Chapter in Affordable Care Act Implementation," speaker, Boston Bar Association, June 2015.
- "Data Security Hot Topics: Identifying the Enemies Within the Gates–Do You Know Who's In Your System?" panelist, HIMSS15, Chicago, April 2015.
- “Offshoring PHI? Risk Analysis is Key,” quoted, Healthcare IT News, April 2015.
- “Certificates of Confidentiality: When, Why, and So What?,” speaker, Public Responsibility in Medicine and Research’s 2014 Advancing Ethical Research Conference, December 2014.
- "CMS Meaningful Use Rules Are Off to a Meandering Start," author, Health Law360, November 2014.
- “Here's How Health IT Companies Should Comply With HIPAA," author, Health Law360, August 2014.
- “50-State Fraud and Abuse Survey,” Massachusetts chapter co-author, American Health Lawyers Association, June 2014.
- “Regulatory Developments,” panel moderator and conference co-organizer, Conference for Dental Service Organizations, New York, June 2014.
- “Health IT Market Trends,” interviewed, The Metropolitan Corporate Counsel, March 2014.
- "Five Business Risks to Consider When Outsourcing Health IT," co-author, Technology Law360, February 2014.
Professional and Community Involvement
Ms. Hesse is a member of the American Health Lawyers Association, the Boston Bar Association, the Massachusetts Bar Association and the American Bar Association. She is on the Board of Trustees for the Shore Country Day School in Beverly, Massachusetts. Ms. Hesse was co-editor of the Boston Bar Association Health Law Reporter from 2009-2012. Ms. Hesse is also the President of Williams College Class of 1995 and was a community member of the Massachusetts General Hospital IRB from 2003-2008.
Education & Credentials
- University of Pennsylvania Law School
- JD, 2001
- University of Pennsylvania Center for Bioethics
- M.Bioethics, 2001
Managing Editor (1999-2000), staff member (2000-2001), American Journal of Bioethics
- Williams College
- BA, 1995, cum laude
On July 16, 2020, the European Court of Justice (“CJEU”) published its decision in the case of Data Protection Commissioner v. Facebook Ireland Ltd., Schrems (“Schrems II”), invalidating the EU-U.S. Privacy Shield Framework (“Privacy Shield”).
Chambers USA Guide to America’s Leading Lawyers for Business recognized 27 Choate partners as leading counsel in their respective fields, with several receiving Band 1 rankings.
Having research grants in today's climate of academic espionage means you need to take steps to mitigate risk - including educating and training your faculty, stratifying your risk, reviewing key documents, and comparing grant submissions with disclosures.
On October 11, 2019, Governor Gavin Newsom signed into law amendments to the California Consumer Privacy Law Act of 2018 (“CCPA”). The amendments include a requirement that certain businesses that sell California resident consumer Personal Information must register as “Data Brokers” with the California Attorney General by January 31, 2020.
This settlement resolves a lawsuit alleging violations of the False Claims Act and is notable because it is believed to be the first False Claims Act settlement requiring the inclusion of the private equity sponsor as a party.