Julia R. Hesse

Julia Hesse advises companies on a broad range of healthcare, health IT, regulatory, and privacy and data security matters. She counsels private equity and venture capital funds, as well as strategic investors, on healthcare diligence and transactional issues, and analyzes regulatory issues arising in the context of corporate transactions. Julia also works with investors to assess risk related to healthcare regulatory and compliance matters, structures transactions to comply with regulatory requirements, and provides advice in connection with government investigations and compliance remediation.

Julia works closely with clients in the healthcare industry, including licensed healthcare providers, health IT companies, and pharmaceutical and medical device companies, regarding regulatory matters such as fraud and abuse, self-referral laws, licensing, compliance, insurance, HIPAA/ HITECH and state law privacy and data security concerns, including data breach issues. Additionally, Julia is a leading national authority on the regulation of dentists and dental service organizations and advises on the unique structural and regulatory issues for investors in the dental space.

In addition to her work in the healthcare industry, Julia provides guidance to public and private companies and medical institutions on a full range of security and privacy issues including creating effective privacy policies, meeting privacy and security compliance requirements across multiple jurisdictions, ensuring conformity with standards for personal information storage and use, and reporting data breaches.


  • Chambers USA: Healthcare
  • Best Lawyers in America: Health Care Law (2016-2020)
  • Massachusetts Super Lawyers Rising Star (2006-2007)

Representative Engagements

Healthcare Regulatory Matters

  • Routinely provide strategic advice and regulatory review of proposed ownership and compensation arrangements between providers and physicians to achieve business goals while ensuring compliance with Stark Law and federal and state anti-kickback rules.
  • Counsel university and academic medical centers related to conflict of interest issues, including those relating to conflicts of interest in research.
  • Routinely counsel business organizations and healthcare providers about privacy and data security compliance, including review and revision of policies and conducting audits focused both on HIPAA and state law.
  • Extensive experience in data security matters, including acting as lead counsel to institution in addressing data breaches.
  • Routinely advise on research compliance matters, including scientific misconduct investigations and advised on the development of research programs in community physician practices.

Private Equity/Corporate Transactional Matters

  • Routinely provide extensive corporate and regulatory review on behalf of private equity firms’ and investment banks’ acquisition of interests in a variety of entities in the healthcare sector.
  • Leading national expert on regulations affecting dentists and dental support organizations.
  • Routinely advise on corporate formation and governance matters for both for-profit and not-for-profit institutions.

Life Sciences/Human Subjects Protection

  • Routinely draft, review, and negotiate a broad range of agreements on behalf of pharmaceutical and biotech companies, including agreements for and with Contract Research Organizations, clinical laboratory services, clinical trial agreements, and consulting arrangements.
  • Review and update human subjects protection program policies and procedures on behalf of hospitals, for-profit IRBs, and universities; assisted in AAHRPP accreditation process.

Publications and Presentations

  • “Evolving Theories in HIPAA Enforcement,” panelist, AHLA Annual Meeting, June 2019.
  • “Let’s Get Real: Targeting Legal Risk and Threat Intelligence,” speaker, HIMSS19, Orlando, February 2019.
  • “Assessing IoT Risks in Healthcare Environments,” speaker, HealthcareInfoSecurity.com Podcast, February 2019.
  • “How are Delivery Systems Changing to Meet Quoting and Value Expectations,” moderator, Harvard School of Dental Medicine, Leadership Forum, September 2018. 
  • “Health data privacy: How the GDPR will impact EU and US healthcare providers?” speaker, IBA World Life Sciences Conference, Boston, June 2018.
  • “Let’s Get Real: Creating a Practical Data Security Program,” speaker, HIMSS18, Las Vegas, March 2018.
  • “Why hospitals must focus on risk assessments, breach response to strengthen cybersecurity,” quotedHealthcare IT News, January 2018.
  • “Data Security: Threat Assessment in the Ransomware Era,” speaker, HIMSS17, Orlando, February 2017.
  • “Regulatory Developments,” panel moderator and conference co-organizer, Conference for Dental Service Organizations, New York, October 2015 and October 2016.
  • “Data Security: Stepping Up Your Game and Assessing Threats,” speaker, HIMSS16, Las Vegas, March 2016.
  • “Best Practices in HIPAA Security Risk Assessment,” moderator, HIMSS Privacy & Data Security Forum, Boston, December 2015.
  • “Certificates of Confidentiality: When Why and So What?” speaker, Public Responsibility in Medicine and Research 2015 Social, Behavioral and Educational Research Conference, Boston, November 2015.
  • “Five Years Later- The Next Chapter in Affordable Care Act Implementation,” speaker, Boston Bar Association, June 2015.
  • “Data Security Hot Topics: Identifying the Enemies Within the Gates – Do You Know Who's In Your System?” panelist, HIMSS15, Chicago, April 2015.
  • “Certificates of Confidentiality: When, Why, and So What?” speaker, Public Responsibility in Medicine and Research’s 2014 Advancing Ethical Research Conference.
  • “CMS Meaningful Use Rules Are Off to a Meandering Start,” author, Health Law360.
  • “Here's How Health IT Companies Should Comply With HIPAA,” author, Health Law360.
  • “50-State Fraud and Abuse Survey,” Massachusetts chapter co-author,
    American Health Lawyers Association.
  • “Regulatory Developments,” panel moderator and conference co-organizer, Conference for Dental Service Organizations, New York.
  • “Health IT Market Trends,” interviewed, The Metropolitan Corporate Counsel.
  • “Five Business Risks to Consider When Outsourcing Health IT,” co-author, Technology Law360.

Professional and Community Involvement

  • Member of the American Health Lawyers Association
  • Member of the Boston Bar Association (past co-chair of the Health Law Section)
  • Member of the Massachusetts Bar Association
  • Member of the American Bar Association
  • Member of the HIMSS Legal Task Force
  • Member of the Advisory Board of the Petrie-Flom Center for Health Policy, Biotechnology and Bioethics at Harvard Law School
  • Previously on the Board of Trustees for the Shore Country Day School
  • Previously on the Advisory Board of the Medical-Legal Partnership
  • President of Williams College Class of 1995

Education & Credentials

University of Pennsylvania Law School
JD, 2001
University of Pennsylvania Center for Bioethics
M.Bioethics, 2001

Managing Editor (1999-2000), staff member (2000-2001), American Journal of Bioethics

Williams College
BA, 1995, cum laude



Julia's Insights