Digital Health, Technology and Innovation

Healthcare innovation is creating new investment, research and development opportunities in digital health and health information technology. McGuireWoods helps clients navigate transactional, regulatory and compliance challenges at the intersection of healthcare and technology. The firm’s digital health, technology and innovation team is a vital part of McGuireWoods’ more than 55 healthcare attorneys and more than 45 data privacy and security lawyers practicing in jurisdictions throughout the world.

Telehealth, Mobile Health and Remote Patient Monitoring. Telehealth was created to provide healthcare from a distance. This concept requires digital health companies to know, comply with and implement a patchwork of ever-evolving laws and regulations that differ for each state, payer and country. We help digital health companies keep abreast of these developing compliance requirements.

Our areas of experience include:

  • Telehealth and telemedicine
  • Medical apps
  • Wearables
  • Digital clinical trials
  • Remote patient monitoring
  • Telehealth licensure
  • Value-based care
  • Patient consent
  • Physician-patient relationships
  • Online prescribing
  • Corporate practice of medicine
  • Medicare, Medicaid and private payer reimbursement

Data Privacy and Security. Digital health and health information technology require a hyper-focus on data privacy and cybersecurity. McGuireWoods’ digital health, technology and innovation group has deep experience in the federal Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) Act, the EU’s General Data Protection Regulation (GDPR) and American state privacy laws, such as the California Consumer Privacy Act and Illinois Biometric Information Privacy Act.

The group partners with McGuireWoods’ data privacy and security team to advise clients on data breaches, risk assessments, data privacy and security policies, data governance, drafting HIPAA compliance programs, performing employee training, negotiating business associate agreements. We represent clients in interactions with governmental entities, including investigations and audits by the Office for Civil Rights of the Department of Health and Human Services.  

Health Information Technology. Information technology is crucial to delivering healthcare services today. To avoid costly mistakes, healthcare providers must properly negotiate the high-value and longstanding contracts that govern these vital systems.

Our areas of focus include:

  • Electronic medical record agreements (EMR and EHR)
  • Revenue cycle management agreements
  • Software as a service (SaaS) licensing agreements
  • Vendor and supplier agreements
  • Healthcare IT regulatory compliance, such as information blocking

Big Data and Data Strategies. Information technology requires strategies that can transform and aggregate data. We assist clients in managing and identifying issues involved with data analytics, data mapping, data licensing and data security protections.

Formation, Structuring and Growth. We work with a variety of clients, from early-stage digital health startups to the most sophisticated international digital health companies. We meet clients where they are, whether formation, corporate practice of medicine structuring, mergers and acquisitions, private equity investment, IP protection, venture capital or international complexities.

Mergers and Acquisitions. Purchasing or selling a digital health business is a significant decision that requires an interdisciplinary legal team experienced in corporate transactions, healthcare and technology. We combine our deep understanding of digital health and technology with McGuireWoods’ powerhouse healthcare private equity and mergers and acquisitions team. We also draw upon the services of the firm’s tax and employee benefits, labor and employment, and intellectual property lawyers, as dictated by a transaction.

McGuireWoods has established itself as a leading law firm for M&A and for private equity transactions. Year over year, McGuireWoods ranks among the top five M&A law firms in reputable, benchmarking league tables published by Bloomberg and Refinitiv. The firm’s M&A practice also has earned nationwide recognition from Chambers USA and The Legal 500. These rankings and recognitions demonstrate McGuireWoods’ commitment to client service and quality counsel, no matter the size or nature of the transaction. Clients count on McGuireWoods to understand their legal challenges and develop innovative strategies to close their deals successfully.

Fraud and Abuse. Like traditional healthcare companies, digital health and technology companies are subject to healthcare fraud and abuse laws. These laws govern relationships between providers, physicians and referral sources, and regulate compliance with third-party payer billing requirements.

We advise companies on:

  • The Stark Law
  • The Anti-Kickback Statute
  • Fee splitting
  • Corporate practice of medicine
  • False claims
  • Overpayments
  • Government investigations

McGuireWoods also assists clients with:

  • Litigation and investigations
  • Negotiating corporate integrity agreements
  • Conducting internal audits to assess regulatory compliance
  • Managing responses to government investigations

Our lawyers, like our clients, embrace innovation to shape the future of healthcare.

Health+Tech podcast icon


  • Digital Health Representative Mergers and Acquisitions
    • Represented a leading multispecialty telemedicine provider for hospitals, clinics and remote locations worldwide in its sale to a leading healthcare provider operating in more than 25 states.
    • Represented Assured Healthcare Partners, a diversified alternative asset manager, in its $45 million debt and equity investment in Advantia Health, a healthcare delivery company that provides obstetrics and gynecology, primary care, mental wellness and other services.
    • Represented a private equity firm in its acquisition of a national ophthalmology provider that utilized a hybrid telemedicine solution for millions of yearly telemedicine visits.
    • Represented a provider of digital health solutions to treat behavioral and mental health disorders, in raising money through a SAFE (simple agreement for future equity) financing transaction.
    • Represented a leading global consumer goods company in a reverse subsidiary merger with a technology company that provides digital health SaaS.
  • Digital Health, Employee Benefits and Insurance Representative Matters
    • Represented a California-based provider of employee assistance program services in the rollout of a telehealth platform through a network of 60,000 providers touching 8 million lives.
    •  Represented a leading urology network in the creation of an asynchronous telehealth platform for the treatment of men’s health issues, including prescriptions and lab testing.
    • Represented a national biopharmaceutical research company in developing a telehealth platform for a multistate remote clinical trial program.
    • Advised a healthcare insurer in the development of its telemedicine service line for its beneficiaries in Michigan.
    • Advised a large employer on offering telemedicine through its employee benefit plan.
    • Advised a digital health client on certificate of authority, TPA and URA licensing requirements and additional ongoing regulatory requirements.
  • Digital Health Investigations and Litigation
    • Represented a telemedicine provider in a qui tam case investigated by the federal government based on alleged incorrect billing of services provided to Medicare patients.
    • Represented an electronic medical record vendor in connection with an FCA allegation that the software purportedly caused an upcoding of medical claims.
  • Digital Health Regulatory Matters
    • Counseled a client on the rollout of a digital health app that connects patients to licensed healthcare professionals, including corporate practice of medicine requirements and structuring.
    • Counseled a telemedicine platform in a 50-state rollout, including Medicare, Medicaid and private-payer reimbursement; corporate practice of medicine; state telehealth requirements related to informed consent, medical malpractice insurance, out-of-state licensure and physician-patient relationships. Also drafted telemedicine platform SaaS license agreements; negotiated platform vendor agreements; and drafted all required HIPAA and state-law policies and procedures.
    • Represented a national digital healthcare company developing a multistate telehealth platform for dermatology services.
    • Represented a North Carolina-based medical group in the negotiations of a telemedicine master services agreement.
    • Counseled a multinational telemedicine and virtual healthcare company in the review and comment on telemedicine regulations before a composite medical board. 
    • Counseled a software developer on regulatory issues surrounding development of digital health products.
  • Digital Health and Data Privacy
    • Assisted a large, multisite orthopedic practice in determining whether the loss of a flash drive containing more than 100,000 patient records constituted a breach for purposes of HIPAA.
    •  Represented a Fortune 100 company in a breach of the company’s healthcare data, including supporting compliance with notification to patients, the government and the media under HIPAA, as well as compliance with GDPR and multistate reporting requirements.
    •  Developed HIPAA policies and procedures for various multistate providers, including a provider of inpatient psychiatric services and a provider of substance abuse services. In each of these cases, harmonized HIPAA policies and procedures with state privacy and confidentiality requirements.
    • Advised a healthcare provider in a ransomware breach in which sensitive data, including patient data and social security numbers, were put at risk. Drafted legal hold, HIPAA and multistate-compliant notification letters, and notifications to state attorneys general and other relevant state agencies.
    • Counseled a national healthcare company in the creation of a comprehensive HIPAA and HITECH compliance strategy and program to satisfy its duties as a business associate.
    • Represented a healthcare system in the review and negotiation of electronic medical records (EMR) and revenue cycle management (RCM) agreements.
    • Developed HIPAA policies and procedures for various multistate providers, including an inpatient psychiatric services provider and a substance abuse services provider. In each of these cases, harmonized HIPAA policies and procedures with 42 CFR Part 2 and state law privacy requirements.