Kyle R. Gregory

Experience

Healthcare Technology

• Advised clients across the healthcare sector on a variety of healthcare regulatory compliance issues, including compliance with the Health Insurance Portability and Accountability Act (HIPAA) 42 CFR Part 2 (Federal Confidentiality of Substance Use Disorder Patient Records), state privacy and security laws, disposition of reproductive tissues and federal research requirements.
• Advised a global multibrand company seeking to enter the telehealth space in the development and launch of a white-labeled telehealth platform, including counseling on data ownership strategies, negotiation of platform agreement and drafting multiple contracts for client’s provision of the platform to customers.
• Advised clients regarding healthcare technology issues, including EHR licensing and implementation, patient portals, mobile health, data collection and ownership, de-identification and compliance with Department of Health and Human Services interoperability requirements.
• Advised a global medical device and pharmaceutical client on a variety of privacy and licensing issues surrounding their medical device software offerings.
• Represented large health system in the drafting and negotiation of a participation agreement for access to healthcare analytics platform used to collect, organize and analyze cancer care data, including advising client on numerous issues around collection and ownership, de-identification, privacy and security of data.

Technology/Digital Transformation

• Advised clients in the procurement of software and related vendor services, including serving as the lead associate in negotiating and drafting several technology agreements exceeding $400 million in total value. Agreements have included software as a service (SaaS), managed services, hosting, licensing, complex data use, data center leases and software development agreements.
• Advised a Fortune 500 financial services client in the negotiation and acquisition of $150 million cloud services.
• Counseled a global multibrand restaurant company on the deployment of a global remote audit solution for quality control in more than 30 countries, including the navigation of data protection compliance issues and the drafting and negotiating of the agreements necessary to license the audit solution and the professional services agreements with the vendor providing the auditing services.
• Advised a diversified outsourcing services client in the acquisition of an enterprise SaaS based CRM solution, including negotiating the agreements necessary to license the solution from the vendor and the professional services agreements with the third-party implementor.
• Assisted private equity-backed restaurant franchise company client in the acquisition of $35 million cloud services.
• Served as lead associate in the negotiation of a $10 million cloud services agreement for a public utility client.
• Advised a Fortune 500 food manufacturing client with revising its technology procurement strategy including drafting a form Master Services Agreement to address SaaS, hosting, licensing, and software development issues.
• Served as lead associate for SaaS vendor client in the negotiation and drafting of several multimillion-dollar software services agreements for client’s customers and their franchisees.
• Advised a Fortune 500 general building materials company in its development and provision of SaaS based solutions in the auto-collision repair industry.
• Counseled a global multi-brand restaurant company in the execution of its digital telecommunications strategy, including issues around data ownership, data privacy, end user liability and implementation of brand-based pricing methodologies.

Data Privacy

• Assisted global healthcare company with the creation of streamlined Data Processing Agreements to address EU, Canadian, and US data privacy and security laws.
• Counseled clients on compliance with U.S. state and federal privacy laws, including the Family Educational Rights and Privacy Act (FERPA), the California Consumer Privacy Act (CCPA) and preparing for the new California Consumer Privacy Rights Act (CCPRA) and assisting clients with designing and implementing information governance and privacy compliance programs.
• Advised healthcare clients regarding privacy and security regulatory compliance issues associated with genetic privacy, data de-identification, off-shoring and inter-jurisdictional transfers of personal data, and security risk assessments.
• Provided healthcare litigation funding client with a 50-state analysis of the relevant privacy and security regulatory landscape tailored to client’s specific business model.
• Advised clients in the healthcare sector on data privacy and security incidents, including conducting internal investigations and responding to investigations from the HHS Office of Civil Rights.

Memberships

• Atlanta Life Sciences & Healthcare Group, Steering Committee
• Georgia Bar Association: Health Law Section
• Georgia HIMSS

Community

• Atlanta Volunteer Lawyers Foundation