Overview

Dianne Bourque is a healthcare attorney in Holland & Knight's Boston office who focuses on the Health Insurance Portability and Accountability Act (HIPAA), health information privacy and data security, as well as clinical research and life sciences regulatory issues.

Ms. Bourque advises a variety of healthcare industry clients on a broad range of regulatory issues, including data acquisition and use in artificial intelligence (AI) algorithm training, research, product development and digital health applications. She also advises providers on risk management and patient care matters.

As former in-house counsel to an academic medical center, a large part of Ms. Bourque's practice involves counseling researchers and research sponsors in matters related to the U.S. Food and Drug Administration (FDA) and Office for Human Research Protections (OHRP) regulated clinical research, including consent, access to and use of tissue and associated patient information, expanded access to investigational products and the Institutional Review Board (IRB) process.

In addition, Ms. Bourque counsels healthcare clients and other business entities on a broad range of privacy and data security issues, including HIPAA, 42 C.F.R. Part 2 and state- imposed medical privacy laws. She regularly assists clients with incident response and mitigation, including large-scale data breaches, Office for Civil Rights (OCR) audits and investigations, third-party requests for information, review of HIPAA-related contracts and forms, and privacy-related due diligence. She has successfully defended clients in civil and criminal HIPAA enforcement actions and serves as an expert witness in HIPAA-related litigation.

Prior to joining Holland & Knight, Ms. Bourque worked for a national law firm in Boston. She was an associate staff attorney at a large academic medical center outside of Boston, where she provided general counsel services to medical, professional and administrative staff. She also served as counsel to the hospital's IRB, Ethics Committee, Intellectual Property and Technology Transfer Committee, and the Genetics Advisory Board.

Ms. Bourque was the first Suffolk University Law School student to graduate with a concentration in Health and Biomedical Law. She formerly served as an adjunct professor at Stonehill College, teaching an undergraduate course on healthcare law and is a guest lecturer in the Boston College MS in Cybersecurity, Policy and Governance program and at Boston University Law School.

Representative Experience

  • Advised one of the world's largest genealogy companies on the structure and implementation of a consumer-initiated genetic health test offering
  • Served as outside counsel to a Boston-based federally qualified health center, advising on regulatory, patient care, risk management, litigation and privacy matters
  • Provided healthcare regulatory, privacy and clinical research advice to the health service of a large private university and affiliated dental school
  • Served as counsel to a 501(c)(3) research foundation regarding physician board member conflicts of interest, as well as regulatory and contractual matters associated with its research and educational programs

  • Served as outside counsel to a not-for-profit substance use counseling service and advised on Health Insurance Portability and Accountability Act (HIPAA), 42 C.F.R. Part 2 and state substance use disorder treatment records privacy
  • Represented a national high-complexity genetic testing laboratory in the structure and implementation of a collaborative data repository for testing and clinical outcomes data for providers and researchers
  • Counseled a national provider of digital health products for oral care in a dispute with an overseas business associate vendor regarding the return of HIPAA-protected patient records
  • Advised a national telehealth provider on the structure and implementation of its HIPAA compliance program

  • Advised a national clinical lab on all aspects of incident response and mitigation following a data breach affecting 12 million individuals; the lab avoided Office for Civil Rights (OCR) enforcement
  • Advised a national healthcare provider on all aspects of incident response, including federal and state law enforcement cooperation, following the discovery of an employee-directed, criminal identity theft ring utilizing patient medical records
  • Represented a publicly traded precision medicine company in parallel OCR investigations initiated by separate regional OCR offices following the company's disclosure of two back-to-back large-scale data breaches; the company avoided OCR enforcement in both matters
  • Defended a high-profile sports medicine practice in a U.S. Department of Justice (DOJ) criminal investigation for medical records theft following a dispute among practice physicians; the DOJ declined prosecution

  • Provided contractual, strategic and practical advice to the developer of an SGLT2 inhibitor for Type 2 diabetes on the company's entire domestic and ex-U.S. clinical trials portfolio from phase 1 through commercialization
  • Served as counsel to the Institutional Review Board (IRB) of a Massachusetts academic medical center and community hospital system
  • Served as outside research counsel to a New England hospital system and affiliated university, responsible for regulatory, strategic and contractual matters, as well as investigations
  • Provided regulatory and strategic advice from development through commercialization to the developer of an artificial intelligence (AI)-supported, hand-held medical imaging device and software platform, including data acquisition for algorithm training
  • Counseled a late-clinical-stage biotechnology company through the company's mid-study separation from its contract research organization (CRO) due to poor CRO performance
  • Assisted a publicly traded, clinical-stage biotechnology company with the management of a conflict of interest potentially interfering with the receipt of a significant research grant
  • Assisted a manufacturer of smart, wireless prescription bottles with structuring its patient interface to be consistent with privacy and data security laws and other regulatory issues

Credentials

Education
  • Suffolk University, MPA
  • Suffolk University Law School, J.D.
  • Boston College, B.A.
Bar Admissions/Licenses
  • Massachusetts
Memberships
  • American Healthcare Lawyers Association, 2005-2025
Honors & Awards
  • The Best Lawyers in America guide, Health Care Law, 2020-2025
  • Chambers USA – America's Leading Business Lawyers guide, Massachusetts – Healthcare, 2015-2017, 2021-2024
  • Client Service All-Star, BTI Consulting Group, 2022

Publications

news-icon
Nationwide Preliminary Injunction Halts NIH Indirect Cost Rate Change Notice
Holland & Knight Alert
March 13, 2025
2 Minutes
news-icon
NIH Cuts Research Funding for Indirect Costs
Holland & Knight Healthcare Blog
February 10, 2025
2 Minutes
news-icon
Massachusetts District Court Temporarily Blocks NIH Research Funding Cut
Holland & Knight Healthcare Blog
February 11, 2025
2 Minutes

Speaking Engagements

Which Hat Are You Wearing? HIPAA and Privacy in Value Based Care

American Bar Association (ABA) National Managed Care Institute 2024 / November 7, 2024

HIPAA Update for 2024

Health Care Compliance Association (HCCA) / May 9, 2024

Machine Learning and AI For Healthcare

Healthcare Information and Management Systems Society (HIMSS) / December 14, 2021

Health & Hospital Law: MCLE BasicsPlus!

Minimum Continuing Legal Education (MCLE) / October 19, 2021

Clinical Trial Risk Management During COVID-19

Advanced Medical Technology Association's Virtual MedTech Conference / September 30, 2020

Health and Hospital Law: MCLE BasicsPlus

Panelist / MCLE Conference Center / June 19, 2019
Showing 1-6 of 12