Sara Helene Shanti is a partner in the Corporate Practice Group in the firm's Chicago office.
Areas of Practice
Sara’s practice sits at the forefront of health-technology by providing practical counsel on healthcare innovation and complex data privacy matters. Using her medical research background and HHS experience, Sara advises providers, payors, start-ups, technology companies, and their investors and stakeholders on digital and novel healthcare regulatory compliance matters, including artificial intelligence and machine learning (AI/ML), augmented and virtual reality (AR/VR), data assets and privacy, gamification, implantable and wearable devices, and telehealth.
Sara has deep experience advising clients on data use and protection under Part 2, HIPAA, GINA, and state privacy laws, such as BIPA and CCPA, and multinational border transmissions. She also assists clients in implementing compliance programs, launching health innovations and investments, and responding to governmental investigations. Her experience extends to consumer and patient rights, including under the American Disabilities Act and Section 1557, medical staff relationships, and navigating the evolving regulatory landscapes for next-generation technology.
At the cutting edge of advising on “data as an asset” programming, red team technology reviews, and information blocking and interoperability under the 21st Century Cures Act, Sara’s practice includes mergers and acquisitions involving crucial, high-stakes, and sensitive data in areas of digital health platforms, medical and wellness devices, and web-based applications and treatment.
Sara also has deep experience with telehealth prescribing laws, including the Ryan Haight Act, and with entities offering services in sensitive healthcare areas, such as behavioral health, fertility, genetics, and substance abuse.
Sara serves as an advocate for minor and patient rights, working as a court-appointed guardian. Before receiving her law degree, Sara applied her biology degree towards medical research projects, concentrating on epigenetics and immunologic responses in cancer patients. Prior to private practice, Sara worked for the U.S. Department of Health and Human Services Office for Civil Rights.
- Represented national health systems and Fortune 50 companies in the creation and implementation of a global data privacy and security compliance plans, data breach investigations, and Attorneys General inquiries.
- Represented hospitals and national practices in DOJ and HHS criminal and civil investigations, claim disputes, and subsequent corrective action plans.
- Represented a global medical device company in restructuring compliance program to minimize EU, federal, and state data privacy risks to $90M+ annual service contracts.
- Represented a Fortune 100 company in acquiring FDA mobile applications.
- Represented a Fortune 100 company and state-of-the-art academic facility in a clinical research unit partnership and related compliance matters.
- Represented investors on regulatory matters in a $100M+ acquisition of a lab testing company and a $1B+ acquisition of a foreign healthcare company.
- Represented a pediatric hospital with respect to innovative delivery systems and community outreach efforts.
- Represented global transportation companies related to healthcare transport and reimbursement matters.
- Represented global mobile application and national telemedicine companies in healthcare regulatory matters and start-up initiatives.
Rising Stars in Law, Crain's Chicago Business, 2021
- LexisNexis Practical Guidance, 08.25.2023
- The Practical Guidance Journal, Third Edition , 2023
- Law360, 08.15.2023
- Law360, 07.13.2023
- Law360, 06.29.2023
- AI in Healthcare: Cautions and Considerations of a Healthcare RevolutionPractical Guidance, 06.19.2023
- MedCity News, 05.26.2023
- Chicago Medicine Magazine, 04.2023
- "Protecting Continuity, Workforce, and Physical Assets During the Pandemic," ACC Docket, May 2020
- "Current business trends to keep an eye on in the age of COVID-19," Chicago Daily Law Bulletin, April 22, 2021
- "Protecting Continuity, Workforce, and Physical Assets During the Pandemic," ACC Docket, May 2, 2020
- "Alphabet’s COVID-19 project underscores privacy concerns with big tech," Modern Healthcare, March 21, 2020
- "What Investors Should Understand About Data Privacy & Security Risks & Opportunities – 5 Key Takeaways," The Healthcare Investor, March 2018
- Co-author, "Impact of the European Union’s Recently Enacted General Data Protection Regulation (“GDPR”) on U.S. Academic Medical Centers," American Health Lawyers Association E-Alert, May 2016
- Co-author, "Impact of the European Union's Approved General Data Protection Regulation on Scientific Research and Secondary Uses of Personal Data," Bloomberg BNA Medical Research Law & Policy Report, February 2016
Healthcare Law Blog Posts
- "Texas is Making Moves on a Comprehensive Consumer Privacy Law," May 25, 2023
- "DEA and SAMHSA Extend Tele-Prescribing Flexibilities," May 12, 2023
- "Laboratory and Pathology Information Blocking Concerns," May 12, 2023
- "OCR Announces Proposed Rulemaking to Strengthen Reproductive Health Privacy," April 18, 2023
- "HHS OCR Delivered Annual Reports to Congress," April 17, 2023
- "DEA Proposes Rule for Post-PHE Telemedicine," March 7, 2023
- "ICYMI: HIPAA and Social Media IRL," February 8, 2023
- "Web Tracking Creates a Web of Data Privacy Risks," February 8, 2023
- "The Transformation in Behavioral Digital Health Services," January 31, 2023
- "Recent Developments in Telehealth Enforcement," December 12, 2022
- "Proposal to Overhaul Privacy Law Governing Substance Use Disorder Treatment Records," December 2, 2022
- "The FemTech Revolution," October 11, 2022
- "Proposed Rule Leverages Section 1557 for Healthcare Equity," August 22, 2022
- "Supreme Court Discrimination Case Narrows Scope of Restitution for Individuals," May 25, 2022
- "Top 5 Legal Issues in Digital Health to Watch for in 2022," February 1, 2022
Privacy Law Blog Posts
- "FDA Joins Other Regulators in Focus on AI and Machine Learning," November 22, 2021
- Healthcare IT Today, 08.29.2023
- Managed Healthcare Executive, 05.2023
- Part B News, 05.08.2023
- Part B News, 04.24.2023
- HealthLeaders , 10.18.2022
- Part B News, 10.10.2022
- Part B News, 10.03.2022
- Part B News, 09.26.2022
- Part B News, 08.29.2022
- Part B News, 08.15.2022
- AHLA, 07.19.2022
- "Legal Changes in the Digital Health Space," MichBio, Life Sciences Showcase, September 18, 2023
- "Exploring the Impact of the Pandemic on Information Security and Privacy in the United States," June 28, 2023
- "Changing Landscape of Whistleblowing: Exploring New Standards and Accountability," June 28, 2023
- Moderator, "Cybersecurity and Patient Safety: Hot Topics," December 2022
- "The Impact of Artificial Intelligence on Data Privacy, Security, and Liability," November 2020
- "Data Security Issues Related to Wearables and Trackers," September 2020
- "Diversity & Implicit Bias: Challenges and Strategies for Inclusion," June 2020
- "COVID - 19 Critical Legal Implications," March 2020
- "Emerging Financing Alternatives for Life Sciences Companies: Opportunities and Pitfalls You Need to Know," October 2019
- "Investments in Provider Support Technology: Mobile Apps, Revenue Cycle Businesses, and Similar Investments," 16th Annual Healthcare and Life Sciences Private Equity and Finance Conference, February 2019
- "Digital Health and Cybersecurity," 10th Annual Pharmaceutical and Medical Device Conference, November 2018
- "HIPAA and Mobile Health Applications," HIPAA Webinar Series, September 2018
- "Wearable Devices and Data Security," Healthcare Litigation and Compliance Webinar Series, August 2018
- "HIPAA Audits and HIPAA Enforcement – Lessons Learned," HIPAA Webinar Series, July 2018
- "Telemedicine in Nephrology," 16th Annual Business and Legal Issues in Dialysis and Nephrology Symposium, May 2018
- "What Investors Should Understand about Data Privacy and Security Risks and Opportunities," 15th Annual Healthcare and Life Sciences Private Equity and Finance Conference, February 2018
- Group Health Plan HIPAA Compliance Trainings, November-December 2016
- "HIPAA Compliance Demystified," MATTER – Chicago Healthcare Startup Incubator Workshop, May 2015
- Expert panelist for International Device and Pharmaceutical Privacy Consortia, 2011-2015
- Expert panelist for Illinois Association of Health Care Attorneys, 2012-2014
- HIPAA Omnibus Rule Webcast: New Regulation Considerations, HealthITSecurity, June 2014
- Is Your Website A Data Breach Liability? Legal and Regulatory Considerations Around Website Technology & Third-Party Tracking in HealthcareWebinar, 02.09.2023
- Privacy in the Wake, and a Legislative Awakening., Webinar, 07.26.2022
- Webinar, 05.19.2022
American Health Lawyers Association, 2011-Present
B-Sharp (Network for Women In-House Attorneys), 2019-Present
Chicago Volunteer Legal Services (Active Court-Appointed GAL), 2011-Present
Illinois Association of Healthcare Attorneys, 2011-Present
International Association of Privacy Professionals 2013-Present