Andrew Kuder

Andrew Kuder is a health care lawyer and member of the Business Law Department with Foley & Lardner LLP. Andrew is based in the firm’s New York office where he is a member of the firm’s Telemedicine & Digital Health Industry Team. 

Privacy & Cybersecurity

Andrew’s work specifically targets privacy and cybersecurity within the healthcare sector. He helps high-growth entrepreneurs and established companies build and develop scalable privacy and cybersecurity programs. He also assists developers of emerging health technologies to fit their products into the framework of state and federal law. He aids clients during cybersecurity attacks and data breaches, including working with in-house counsel and business partners on responding to and mitigating security incidents and determining breach notification requirements under local and federal law.

Before practicing law, Andrew served as Outreach Coordinator with a specialty in Department of Defense and Department of Veterans Affairs issues for the Chairman of the U.S. House of Representatives Defense Appropriations Committee. 

Telemedicine & Digital Health 

"Foley is the premier firm for telehealth counsel."
"A market leader in telemedicine issues." "This is the Dream Team."
     - Chambers USA: America's Leading Business Lawyers (2020, 2021)

Andrew also focuses on matters involving telemedicine, digital health, remote patient monitoring and virtual care. He works with a variety of venture-backed startups, medical groups, and hospital systems to navigate state and federal laws regarding the provision of telehealth services across multi-state footprints. This includes providing counsel on privacy and cybersecurity and key fraud and abuse and other regulatory issues, such as kickbacks, fee-splitting, and self-referral laws, and the corporate practice of medicine. Andrew is a member of the American Telemedicine Association’s Digital Transformation Special Interest Group.

Representative Matters

• Digital Health Artificial Intelligence, Advised emerging technology company on use of machine learning to provide patient diagnosis and treatment. Representation included advising on strategic safeguards to ensure patient health and safety as providers interacted with and utilized machine learning platform to diagnose patient conditions. The work enabled the company to mitigate patient harm as well as identifying and mitigating potential legal liabilities in use of new, largely unregulated technologies.
• Remote Patient Monitoring, Provided advice and counsel to telehealth entrepreneurs on establishing new remote patient monitoring telehealth program on a multi-state footprint, including ensuring compliance with state law requirements and establishing a privacy and cybersecurity program. The representation has enabled the company to scale without consistent regulatory interruption.
• Telehealth Data Breach, Represented telehealth company to mitigate multi-state security incident involving patient health data. Mitigation included reporting breach to individual patients and ensuring compliance with federal and state requirements to report to governmental entities. The representation assisted the company to properly meet regulatory requirements and support patient safety.
• Telemedicine Website Compliance, Represented telemental health company in implementing compliant Terms of Use and Privacy Policy for use with website, as well as assisted in optimizing the patient UX when providing information and obtaining consent. The work assisted the company by providing protections from potential liability and avoid noncompliance with federal and state laws.
• Women’s Health, Represented specialty health care company in merger with female-focused digital health care startup. Representation included a full review of the digital health care startup’s privacy and cybersecurity program as part of due diligence for the merger and identification of strategies for program integration. The representation assisted the company in completing a major transaction.
• Data Commercialization and Cybersecurity Compliance, Assisted major U.S. health care clearinghouse in redeveloping their privacy and cybersecurity compliance program to implement new data monetization strategies for new business lines, including the commercialization of aggregated data. The work enabled the company to expand its scope of business and utilize existing resources more efficiently. 

Education, Professional Memberships, and Community Involvement

Andrew is a member of the American Telemedicine Association (ATA) and American Health Lawyers Association (AHLA). Andrew is admitted to practice in New Jersey and New York.