Jeremiah Posedel

Phone: (312) 569-1504 (312) 569-1504
Fax: (312) 569-3504


Jeremiah Posedel assists clients in two distinct but overlapping domains: (i) information technology transactions and (ii) information privacy and security. First, Jeremiah advises on and negotiates a wide array of transactions involving the acquisition, development and leveraging of information technology assets, including hardware, software and database licensing, outsourcing and cloud-based services arrangements, and system implementation and support agreements. Second, Jeremiah counsels clients on domestic and international privacy and security regulations and standards applicable to the collection, use and disclosure of personal data, including the FTC Act, HIPAA, COPPA, CAN-SPAM, TCPA, GLBA, PCI-DSS, DAA Program for Online Behavioral Advertising, and EU Data Protection Directive. He works with organizations to develop and implement comprehensive privacy/security programs and compliance strategies focused on a variety of data processing activities, including digital and interest-based advertising, big data analytics, workplace monitoring, mobile device and app deployment, cross-border data transfers, clinical research and e-commerce initiatives.

Jeremiah is a Certified Information Privacy Professional (U.S./Europe/Canada) and a visiting lecturer of law (Information Privacy) at Bucerius Law School in Hamburg, Germany.

In 2004, Jeremiah served as a deputy campaign director to President Barack Obama’s successful U.S. Senate campaign.


  • Serve as a Secretariat representative to the Medical Device Privacy Consortium's working group on medical device product security.
  • Served as in-house privacy counsel (on secondment) to global biotech, biopharma, and healthcare companies
  • Advised a global healthcare company on all privacy-related issues associated with its U.S. rollout of a new glucose monitoring system (skin-worn sensor, reader, mobile app and cloud-based system for storing and viewing glucose data) and related direct-to-patient webshop, including transitioning to a HIPAA covered entity, permissible data flows and uses, webshop/CRM integration and patient/HCP onboarding.
  • Counseled a leading pharma company on its formation of a Real World Informatics & Analytics global business division, including developing company policies on the acquisition, use, sharing and de-identification of real-world data (i.e., individual-level or transactional data collected outside the clinical trial setting).
  • Counseled a healthcare information company in an asset purchase deal on the transfer of over 1 million HCP-user accounts established and maintained by the seller in over 40 jurisdictions worldwide in connection with the company's purchase of seller's medical information portal and HCP-user database.
  • Drafted and submitted comments to the FDA on behalf of an international consortium of leading medical device companies in response to the FDA’s Draft Guidance on (i) Content of Premarket
  • Submissions for Management of Cybersecurity in Medical Devices (2013) and (ii) Postmarket Management of Cybersecurity in Medical Devices (2016), in each case with member-company technical input and content contributions
  • Counseled a leading workplace consulting firm on its collection, use and transfer of survey data obtained from client employees, including assessing all data uses and flows by/between the firm and its EU affiliates, performing a gap analysis of the firm's privacy program against applicable U.S. and EU laws and best practices, developing employee notice and authorization forms, and facilitating Safe Harbor certification.
  • Advised four divisions of a leading healthcare company on compliance with HIPAA’s Privacy and Security Rules following issuance of the Final Rule, including assessing potential business associate activities and drafting applicable privacy and security policies.
  • Constructed a mobile app privacy compliance guide for a healthcare company’s app development team.
  • Advised a Fortune 500 manufacturer on the development and implementation of a comprehensive data loss prevention monitoring program in 26 jurisdictions worldwide.
  • Counseled a Fortune 500 biopharma company on its potential participation in a 10-company data sharing initiative aimed at creating a database to jointly store and share de-identified placebo and standard of care data, including negotiating the applicable data sharing agreement and vendor contracts.
  • Analyzed and advised on proposed EU parliamentary committee amendments to the EU GDPR on behalf of an international consortium of leading research-based pharmaceutical and biotech companies.
  • Developed information security policies and procedures for multiple clients based on ISO 27001, AT 101 (SOC2), and HIPAA standards.
  • Managed all aspects of the Safe Harbor assessment and certification process on behalf of medical device and video hosting companies, including performing privacy gap assessments, developing necessary policies and procedures, and creating workplace training materials.
  • Managed and counseled on all compliance matters associated with data breach response on behalf of multiple clients, including planning response strategies, drafting individual and regulator notifications, obtaining credit monitoring services, and developing breach response policies and media statements.
  • Served as lead associate in a multimillion-dollar trademark action (on behalf of trademark holder) against the then-largest convention center in the world, including managing all discovery matters, drafting all substantive motions, arguing and prevailing on a motion to compel, taking and defending all depositions (including FRCP 30(b)(6) and expert witnesses) and preparing settlement negotiation points. Action settled in favor of client with payment of damages and injunctive relief.
  • Negotiated a license and services agreement on behalf of the world’s leading supplier of manufacturing execution systems and IT solutions for the pharmaceutical and biopharmaceutical industries.
  • Assisted a multinational chemicals company in connection with the acquisition and implementation of a global ERP system and related third-party software solutions.
  • Negotiated the acquisition of a cloud-based application and related services that enable health systems to more efficiently manage and evaluate physician compensation plans on behalf of a U.S. health system.
  • Crafted and negotiated a professional services and data sharing agreement relating to the provision and management of an innovative digital learning platform and the maintenance and sharing of student data collected through the platform on behalf of a Chicago-based university.
  • Developed a template master license and subscription agreement for the provider of a comprehensive range of cloud-based business process management solutions for the financial services industry.
  • Counseled a leading online retailer in connection with its acquisition of website development services focused on website-content accessibility for people with disabilities.
  • Negotiated the purchase of cloud-based predictive marketing analytics services on behalf of a U.S. health system.
  • Advised one of the world’s largest snacks companies on its first-ever e-commerce venture, including the outsourcing of all payment card processing functions to an e-commerce provider and applicable PCI DSS obligations.
  • Developed a template U.S. Master Consultancy Services Agreement and statement of work for a leading provider of IT solutions and services to the early development life sciences market for R&D-related data collection, management and analysis.
  • Negotiated a services agreement on behalf of a multi-specialty medical clinic in connection with its acquisition of a platform and managed services for performing continuous privacy monitoring of the client’s EMR system.
  • Counseled a clothing retailer on its purchase of consulting services relating to the installation and integration of new payment terminals in client’s U.S. stores.
  • Developed terms of use and end-user data licenses on behalf of a provider of a cloud-based marketing automation and integration platform.


Illinois Emerging Lawyer, Leading Lawyers (2015-2017)

Awards Methodology (


Bar Admissions

  • Illinois


  • University of Illinois College of Law, J.D., 2006, cum laude
  • Bucerius Law School, Hamburg Germany, 2006
  • Valparaiso University, B.A., 2000, cum laude

Court Admissions

  • U.S. District Court, Central District of Illinois
  • U.S. District Court, Northern District of Illinois


  • Constitutional Rights Foundation Lawyers in the Classroom Program, Volunteer
  • Working in the School Program, Mentor
  • University of Illinois College of Law, Lawyer-to-Lawyer Mentoring Program, Mentor