15 Feb Part 4 – How Health Tech Startups Can Use Data

The NOLA Health Innovators Challenge concludes March 20, 2018, with a pitch finale during New Orleans Entrepreneur Week. As judges from around the country select finalists this month, Parker N. Smith & David C. Rieveschl of Stone Pigman Walther Wittmann L.L.C. explain how data strategies are important for Health Tech startups.  Click here to read Part 3 that started the conversation about data security and privacy.

Data Retention

As part of its written information security policy (WISP), a Health Tech company needs to consider not only how to protect the data it wants to store but, also, how to maintain the data it is required to retain by law. Such retention requirements may be imposed by statutes for certain types of data or by rules prohibiting the destruction of evidence for data relevant to ongoing or anticipated litigation.

Data Analytics & Usage

Of course, a Health Tech company does not usually capture data merely to store and maintain it. Instead, the company typically desires to use such data by, for example, applying advanced analytics to gain new insights. When using data in this way, the company should ensure that it is in compliance with its privacy policy and other restrictions imposed on such use, including relevant anti-discrimination, consumer protection and unfair competition laws.

Data Transfers

In addition to using data directly, a Health Tech company may seek to monetize its data assets by selling or licensing them. In that case, the company must understand who owns and has other rights to the applicable data sets. Because data is typically protected as trade secrets or, in the case of compilations, through copyrights, additional steps need to be taken to ensure the company has the rights it desires to transfer and maintains the rights it desires to keep. Similar considerations should be taken into account if the company’s data is a major asset in a pre-merger or pre-acquisition valuation of the company as a whole.


In the Health Tech space, rights in and to data are often complicated by the fact that valuable data is the result of a collaboration among various entities. For this reason, before collaborating with others, companies should negotiate a written joint development agreement that outlines key provisions, like data ownership. Prior planning is especially important when working with governmental entities (e.g., public universities), which may be subject to special rules and statutory restrictions regarding what can be or must be done with resulting data.


This post provides a broad overview of some data security and privacy issues affecting Health Tech companies. Of course, important issues and complex challenges surround such issues. For this reason, companies should seek the advice of counsel when considering and implementing their data strategies.

Click below to read parts 1 and 2 of this series that examined intellectual property questions for health tech startups.

Part 1
Part 2