Check out our most recent article featured in FDLI >

Alexandra Schulz Lawyer
August 30, 2021

Alexandra Schulz


Alexandra provides practical, business-specific solutions to a wide array of clients navigating the everchanging environment of privacy and cybersecurity including those in the life sciences, digital health, and technology-driven sectors. Alexandra works with clients to develop effective, risk-based privacy and data protection strategies in compliance with applicable privacy rules, including the Health Insurance Portability and Accountability Act (HIPAA), Federal Trade Commission (FTC) Act, Children’s Online Privacy Protection Act (COPAA), CAN-SPAM Act, the EU’s General Data Protection Regulation (GDPR) and state privacy laws such as the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CRPA). She also regularly assists clients in the development and implementation of effective and tactical data privacy and security compliance programs, policies, risk assessments, and practices. Against increased government scrutiny and enforcement and external threats to security, clients reach out to Alexandra to evaluate breach notification requirements, incident management response, and remedial measures.  

In addition to privacy and data security matters, Alexandra also advises clients regarding a variety of regulatory matters, including risk assessments, corporate and commercial compliance program development and implementation, internal and external investigations, and industry operational strategies. She also advises on U.S. Food and Drug Administration (FDA) regulatory, compliance, and enforcement issues. She also advises clients in regulated industries on a broad range of business-related matters, including commercial contracting and business startup and formation topics. Alexandra also serves on Kendall PC’s litigation team representing clients in a range of health, science, and technology sectors, including life sciences, pharmaceuticals, and medical devices. She has defended cases involving complex litigation, including product liability matters.

Alexandra earned her Juris Doctor from Villanova University School of Law in 2015 where she was awarded a Dean’s Merit Scholarship. While in law school, Alexandra worked as a legal intern in the pharmaceutical industry where she assisted in-house counsel on numerous tasks and responsibilities including actual and perceived risk mitigation strategies. Alexandra earned her B.A., cum laude, in History from Wake Forest University in 2012. Alexandra is admitted to practice law in both the Commonwealth of Pennsylvania and the State of New Jersey.

Notable Representations:

Data Privacy and Cybersecurity

  • Advising corporate and life sciences clients on the development and implementation of fit-for-purpose privacy and security-related programs including California’s Consumer Privacy Act (CCPA) – other state-related consumer protection statutes – and the Health Insurance Portability Accountability Act (HIPAA), which includes a multitude of data mapping counsel, data protection and privacy plan measures, data subject request response and policies and procedures.
  • Successfully developing and implementing U.S. and European Union-associated privacy and security programs – some from the ground up and others are assessed and modified as necessary.
  • Advising clients regarding the preparation and implementation of privacy-related employee training programs.
  • Conducting live legal insights and compliance training for several industry-sector clients.
  • Advising clients on the Health Information Technology for Economic and Clinical Health (HITECH) Act.
  • Counseling clients on data breach and security incident investigation and notification response(s), including assessment and implementation of remedial measures.
  • Drafting and negotiating privacy and data security provisions for a wide variety of commercial contracts, including service provider agreements.
  • Drafting and negotiating data protection/data processing agreements regarding the handling of protected health data.
  • Counseling clients on website privacy and personal data practices, including the development of website privacy policies and implementation of supporting processes regarding the handling of collected data and personal information.
  • Representing clients in HIPAA Business Associate Agreement (BAA) negotiations, and associated privacy-related third-party negotiations.


  • Assisting clients with the development of correspondence to the Office of Prescription Drug Promotion (OPDP).
  • Advising clients on the legal and regulatory risks associated with manufacturer patient support programs, including field reimbursement manager (FRM) and clinical nurse educator (CNE) roles, and assisting clients in designing and implementing compliance programs related thereto.
  • Developing policies and procedures designed to allow small start-up and mid-sized pharmaceutical companies to implement corporate and healthcare compliance programs in alignment with the Office of Inspector General’s Compliance Program Guidance for Pharmaceutical Manufacturers.
  • Advising multiple types of clients regarding the development and implementation of a fit-for-purpose corporate and commercial compliance program(s).
  • Serving as an interim compliance and privacy officer to several types of industry sector clients.
  • Counseling life sciences and medical device clients, based on specific business operations and organizational structure, on the applicability of the Open Payments reporting requirements of the Patient Protection and Affordable Care Act and related state laws.
  • Conducting a multitude of internal investigations regarding commercial and sales practices to the appropriateness of interactions between commercial and medical departments, and company interactions with healthcare practitioners.
  • Advising and assisting clients with the development and negotiations of Investigator-Initiated Studies (IIS), educational and charitable contribution grants, and other pre-clinical/clinical related agreements.
  • Counseling clients, based on specific business operations, and on the applicability of state-specific pharmaceutical manufacturer and distributor licensure and permit requirements.
  • Assisting clients with the preparation and filing of trademark applications with the United States Patent and Trademark Office.
  • Counseling clients regarding regulatory requirements associated with Investigational New Drugs (INDs).
  • Assisting clients with the development and submission of 510(k) Applications and European Union Design Dossier files.

Business Startup and Formation

  • Advising and assisting clients with business entity startup and formation, including drafting ownership agreements and organizational documents.
  • Counseling clients on equity compensation and key agreements, including drafting equity compensation award agreements and underlying plans.
  • Counseling and assisting clients on the execution of a private placement offering, including in the preparation, and filing of a Securities Exchange Commission (SEC) Form D and related state notice filings.

Commercial Contracting

  • Representing and advising manufacturers in the drafting and negotiation of exclusive pharmaceutical licensing agreements.
  • Representing and advising manufacturers in the execution of manufacture and supply agreements.


  • Defending multi-national pharmaceutical and medical device manufacturers in complex product liability litigation.


  • Jamie Kendall, Brad Welsh, & Alexandra Schulz, Trump’s Push for Direct Medicare Drug Price Negotiations Addresses Only One Piece of the Industry’s Drug Pricing Puzzle, United States Biopharmaceuticals 2017, Global Business Reports, May 2017, at 25
  • Jamie Kendall & Alexandra Schulz, Why Patient Experience Data Provisions Face Elimination, Law360, (Mar. 22, 2017)
  • Jamie Kendall & Alexandra Schulz, What First Amendment? FDA Remains Unfazed by Off-Label Communication Issues, Pharm Exec.Com (Mar. 7, 2017)
  • shield

    We guarantee 100% privacy.
    Your information will not be shared.

  • This field is for validation purposes and should be left unchanged.