Sara Helene Shanti is a partner in the Corporate Practice Group in the firm's Chicago office. She is the host of the Health-e Law podcast, produced by Sheppard Mullin’s Digital Health Team.

Areas of Practice

Sara’s practice sits at the forefront of health-technology by providing practical counsel on healthcare innovation and complex data privacy matters. Using her medical research background and HHS experience, Sara advises providers, payors, start-ups, technology companies, and their investors and stakeholders on digital and novel healthcare regulatory compliance matters, including artificial intelligence and machine learning (AI/ML), augmented and virtual reality (AR/VR), data assets and privacy, gamification, implantable and wearable devices, and telehealth.

Sara has deep experience advising clients on data use and protection under Part 2, HIPAA, GINA, and state privacy laws, such as BIPA and CCPA, and multinational border transmissions. She also assists clients in implementing compliance programs, launching health innovations and investments, and responding to governmental investigations. Her experience extends to consumer and patient rights, including under the American Disabilities Act and Section 1557, medical staff relationships, and navigating the evolving regulatory landscapes for next-generation technology.

At the cutting edge of advising on “data as an asset” programming, red team technology reviews, and information blocking and interoperability under the 21st Century Cures Act, Sara’s practice includes mergers and acquisitions involving crucial, high-stakes, and sensitive data in areas of digital health platforms, medical and wellness devices, and web-based applications and treatment.

Sara also has deep experience with telehealth prescribing laws, including the Ryan Haight Act, and with entities offering services in sensitive healthcare areas, such as behavioral health, fertility, genetics, and substance abuse.

Sara serves as an advocate for minor and patient rights, working as a court-appointed guardian. Before receiving her law degree, Sara applied her biology degree towards medical research projects, concentrating on epigenetics and immunologic responses in cancer patients. Prior to private practice, Sara worked for the U.S. Department of Health and Human Services Office for Civil Rights.



  • Represented national health systems and Fortune 50 companies in the creation and implementation of a global data privacy and security compliance plans, data breach investigations, and Attorneys General inquiries.
  • Represented hospitals and national practices in DOJ and HHS criminal and civil investigations, claim disputes, and subsequent corrective action plans.
  • Represented a global medical device company in restructuring compliance program to minimize EU, federal, and state data privacy risks to $90M+ annual service contracts.
  • Represented a Fortune 100 company in acquiring FDA mobile applications.
  • Represented a Fortune 100 company and state-of-the-art academic facility in a clinical research unit partnership and related compliance matters.
  • Represented investors on regulatory matters in a $100M+ acquisition of a lab testing company and a $1B+ acquisition of a foreign healthcare company.
  • Represented a pediatric hospital with respect to innovative delivery systems and community outreach efforts.
  • Represented global transportation companies related to healthcare transport and reimbursement matters.
  • Represented global mobile application and national telemedicine companies in healthcare regulatory matters and start-up initiatives.



Rising Stars in Law, Crain's Chicago Business, 2021



  • "Protecting Continuity, Workforce, and Physical Assets During the Pandemic," ACC Docket, May 2020
  • "Current business trends to keep an eye on in the age of COVID-19," Chicago Daily Law Bulletin, April 22, 2021
  • "Protecting Continuity, Workforce, and Physical Assets During the Pandemic," ACC Docket, May 2, 2020
  • "Alphabet’s COVID-19 project underscores privacy concerns with big tech," Modern Healthcare, March 21, 2020
  • "What Investors Should Understand About Data Privacy & Security Risks & Opportunities – 5 Key Takeaways," The Healthcare Investor, March 2018
  • Co-author, "Impact of the European Union’s Recently Enacted General Data Protection Regulation (“GDPR”) on U.S. Academic Medical Centers," American Health Lawyers Association E-Alert, May 2016
  • Co-author, "Impact of the European Union's Approved General Data Protection Regulation on Scientific Research and Secondary Uses of Personal Data," Bloomberg BNA Medical Research Law & Policy Report, February 2016

Healthcare Law Blog Posts

Privacy Law Blog Posts

Media Mentions

Speaking Engagements

  • "Wellness Apps and Tracking Technologies, a Virtual Networking Event by the BLG PG," American Health Law Association, November 14, 2023
  • "Legal Changes in the Digital Health Space," MichBio, Life Sciences Showcase, September 18, 2023
  • "Exploring the Impact of the Pandemic on Information Security and Privacy in the United States," June 28, 2023
  • "Changing Landscape of Whistleblowing: Exploring New Standards and Accountability," June 28, 2023
  • Moderator, "Cybersecurity and Patient Safety: Hot Topics," December 2022
  • "The Impact of Artificial Intelligence on Data Privacy, Security, and Liability," November 2020
  • "Data Security Issues Related to Wearables and Trackers," September 2020
  • "Diversity & Implicit Bias: Challenges and Strategies for Inclusion," June 2020
  • "COVID - 19 Critical Legal Implications," March 2020
  • "Emerging Financing Alternatives for Life Sciences Companies: Opportunities and Pitfalls You Need to Know," October 2019
  • "Investments in Provider Support Technology: Mobile Apps, Revenue Cycle Businesses, and Similar Investments," 16th Annual Healthcare and Life Sciences Private Equity and Finance Conference, February 2019
  • "Digital Health and Cybersecurity," 10th Annual Pharmaceutical and Medical Device Conference, November 2018
  • "HIPAA and Mobile Health Applications," HIPAA Webinar Series, September 2018
  • "Wearable Devices and Data Security," Healthcare Litigation and Compliance Webinar Series, August 2018
  • "HIPAA Audits and HIPAA Enforcement – Lessons Learned," HIPAA Webinar Series, July 2018
  • "Telemedicine in Nephrology," 16th Annual Business and Legal Issues in Dialysis and Nephrology Symposium, May 2018
  • "What Investors Should Understand about Data Privacy and Security Risks and Opportunities," 15th Annual Healthcare and Life Sciences Private Equity and Finance Conference, February 2018
  • Group Health Plan HIPAA Compliance Trainings, November-December 2016
  • "HIPAA Compliance Demystified," MATTER – Chicago Healthcare Startup Incubator Workshop, May 2015
  • Expert panelist for International Device and Pharmaceutical Privacy Consortia, 2011-2015
  • Expert panelist for Illinois Association of Health Care Attorneys, 2012-2014
  • HIPAA Omnibus Rule Webcast: New Regulation Considerations, HealthITSecurity, June 2014




American Health Lawyers Association, 2011-Present

B-Sharp (Network for Women In-House Attorneys), 2019-Present

Chicago Volunteer Legal Services (Active Court-Appointed GAL), 2011-Present

Illinois Association of Healthcare Attorneys, 2011-Present

International Association of Privacy Professionals 2013-Present

Digital Media


J.D., Loyola University Chicago School of Law, 2009

B.S., Biology, University of Michigan, 2002


  • Illinois
Jump to Page

By scrolling this page, clicking a link or continuing to browse our website, you consent to our use of cookies as described in our Cookie and Advertising Policy. If you do not wish to accept cookies from our website, or would like to stop cookies being stored on your device in the future, you can find out more and adjust your preferences here.