Skip to main content

Dianne J. Bourque

Member

[email protected]

+1.617.348.1614

Follow:
Share:

Dianne advises a variety of health care clients on a broad range of issues, including licensure, regulatory, contractual, and risk management matters, and patient care. As former in-house counsel to an academic medical center, a large part of her practice involves counseling researchers and research sponsors in matters related to FDA and OHRP regulated clinical research, including patient consent, access to and use of tissue and associated patient information, and the Institutional Review Board process. 

She also counsels health care clients and other business entities on a broad range of privacy and data security issues, including the HIPAA Privacy Rule and Security Standards, including requirements under HITECH and the HIPAA Omnibus Rule, 42 CFR Part 2, and state-imposed medical privacy laws. She regularly assists clients with data breach response and mitigation, the implementation of HIPAA-mandated policies and procedures, privacy audits, third-party requests for information, and review of HIPAA-related contracts and forms. She has successfully defended clients in both civil and criminal HIPAA enforcement actions and regularly assists clients with the management of data breaches and other losses of protected health information.

Before joining Mintz, Dianne was an associate staff attorney at the Lahey Clinic, where she provided general counsel services to medical, professional, and administrative staff. She also served as counsel to the Institutional Review Board, the Ethics Committee, the Intellectual Property and Technology Transfer Committee, and the Genetics Advisory Board. Before joining the Lahey Clinic’s legal staff, she worked in the research administration department. Her responsibilities included drafting a regulatory compliance manual detailing laws of concern in basic, clinical, and animal research, continually reviewing relevant regulations to ensure compliance for institutional programs, and researching and advising clients on a broad range of regulatory matters.

Dianne was the first Suffolk University law student to graduate with a concentration in Health Care and Biomedical Law. She formerly served as an adjunct professor at Stonehill College, teaching an undergraduate Health Care Law course.

Dianne is a contributor to the Mintz Health Law & Policy Matters blog as well as the Privacy & Security Matters blog.


Dianne is a long-standing partner to our agency and her in-depth knowledge of our mission is key to our solutions.

- Health Care Client, Chambers USA 2024

Experience

  • Provided strategic counsel to a start-up medical application company that has devised a method to detect mild cognitive impairment as a precursor to more significant cognitive diseases.
  • Counseled a publically traded medical device company on risk management advice and helped them manage multiple significant adverse events following suspension of trial by the FDA.
  • Assisted our client, a manufacturer of smart, wireless prescription bottles, with structuring their patient interface to be consistent with privacy and data security laws and other regulatory issues.
Read less

viewpoints

Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps.
Read more
Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps. These data troves can trigger significant compliance responsibilities for the app developer, along with significant legal and contractual risk.
Read more
Last week, the HHS Office for Civil Rights (OCR) launched an improved version of their HIPAA Breach Reporting Tool (HBRT), commonly referred to by OCR and regulated entities alike as the HIPAA “Wall of Shame.” OCR has also made minor changes to the interface for breach reporting.
Read more
By now, you may have heard about the global ransomware attacks affecting organizations throughout the world. Estimates range from between 150,000 to 200,000 groups in nearly 150 countries, and those numbers could be higher.
Read more
By now, you may have heard about the global ransomware attacks affecting health care and other organizations throughout the world, in particular the United Kingdom, but also in the United States. The ransomware variant, called “Wanna Decryption” or “WannaCry” works like any other ransomware: once it is inadvertently installed, it locks up the organization’s data until ransom is paid.
Read more
On Wednesday, March 8, James B. Comey, Director of the FBI, was at Boston College to deliver the keynote address for the inaugural Boston Conference on Cyber Security (BCCS 2017). 
Read more
On January 18th, the U.S. Department of Health and Human Services (HHS) and 15 other federal agencies issued a final rule updating regulations for the protection of human research subjects, the so-called “Common Rule.”
Read more
On October 7, 2016, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) published guidance to assist cloud service providers (CSPs) and their customers with HIPAA compliance.
Read more
Health care providers and other HIPAA-regulated entities should take note of the story on our companion blog, Employment Matters, regarding the augmented reality video game craze Pokémon Go.
Read more
On Monday, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health information (ePHI) that has been encrypted on a covered entity’s systems, but potentially not accessed by the hacker, has been breached for HIPAA purposes. 
Read more
Read less

News & Press

Press Release Thumbnail Mintz

187 Mintz attorneys have been recognized by Best Lawyers® in the 2025 edition of The Best Lawyers in America©. Notably, three Mintz attorneys received 2025 “Lawyer of the Year” awards, and 64 firm attorneys were included in the 2025 edition of Best Lawyers: Ones to Watch.

Press Release Thumbnail Mintz

Mintz announced today that 42 of its practices and 83 of its attorneys earned recognition in the 2024 edition of Chambers USA, a guide to the country’s leading law firms. Of those included in the guide, 18 attorneys and seven practice areas were awarded Chambers’ highest ranking, Band 1. The firm obtained new listings in three practice areas and 10 of its lawyers were recognized for the first time.

News Thumbnail Mintz

In a Report on Patient Privacy article, Members Dianne Bourque and Lara Compton shed light on the termination of HIPAA enforcement discretions post-COVID-19. The HHS Office for Civil Rights officially reinstated its authority over telehealth on August 9, necessitating a rapid reassessment of compliance for covered entities and business associates.

Press Release Thumbnail Mintz

Mintz is pleased to announce that 120 firm attorneys have been recognized as leaders by Best Lawyers® in the 2024 edition of The Best Lawyers in America©.

Press Release Thumbnail Mintz

BOSTON –Mintz announced today that 39 of its practices and 81 of its attorneys earned recognition in the 2023 edition of Chambers USA, a guide to the country’s leading law firms.

News Thumbnail Mintz

Health Care Dive interviewed Member Dianne Bourque about the Biden administration's proposed new rule that would ban health care entities from sharing patient information.

News Thumbnail Mintz

Member Dianne Bourque spoke to Bloomberg Law about Regal Medical Group's cyberattack that resulted in the exposure of over 3 million patients' health information.

News Thumbnail Mintz

Axios interviewed Member Dianne Bourque about health privacy in the post-Roe digital age.

Press Release Thumbnail Mintz

Best Lawyers® recognized 108 firm attorneys in the 2023 edition of The Best Lawyers in America©. Notably, two Mintz attorneys – Poonam Patidar and Scott M. Stanton – received 2023 “Lawyer of the Year” awards, and 28 firm attorneys were included in the inaugural edition of Best Lawyers: Ones to Watch.

News Thumbnail Mintz
Mintz Member Dianne Bourque was quoted in an article published by Bloomberg Law about how the Centers for Medicare & Medicaid Services (CMS) has proposed the use of an algorithm in hospitals that guesses people’s race to improve health inequity gaps. The artificial intelligence is intended to serve as a stand-in until CMS can get patients to self-identify.
News Thumbnail Mintz
Mintz Member Dianne J. Bourque was quoted in an article published by MedCity News speaking on the errant email that exposed hundreds of One Medical patients' email addresses. Specifically, she addressed reporting obligations and the impact of the security lapse.
News Thumbnail Mintz
Mintz Member Dianne J. Bourque was quoted in an article published by Bloomberg Law on privacy concerns associated with the federal government’s collection of personal information, including race and ethnicity information, to track Americans getting the COVID-19 vaccine.
News Thumbnail Mintz
Mintz Member Dianne J. Bourque was quoted in an article published by Bloomberg Law on a cyberhack of the U.S. federal courts filing system. Specifically, she addressed why it may be particularly problematic for patients and health-care providers that are involved in litigation.
News Thumbnail Mintz
In Bloomberg Law, Mintz Member Dianne Bourque commented on some of the state and federal privacy laws protecting patient data that Amazon will have to navigate with the launch of its new online pharmacy business.
News Thumbnail Mintz
In Bloomberg Law, Mintz Member Dianne Bourque shared cybersecurity best practices for health care providers, particularly in light of recent ransomware attacks targeting hospitals across the country.
News Thumbnail Mintz
Mintz Member Dianne Bourque was quoted in an article published by Bloomberg Law on privacy concerns with mobile fertility apps as they are not covered by the Health Insurance Portability and Accountability Act.
News Thumbnail Mintz
Mintz Member Dianne Bourque was quoted in an article published by Bloomberg Law on privacy protections and related concerns as the federal government is working with states and private companies to allow immunization databases to share data as part of a COVID-19 vaccine distribution plan.
Press Release Thumbnail Mintz
Firm provides pro bono legal counsel to global health nonprofit on groundbreaking initiative to slow the spread of COVID-19 in the Commonwealth of Massachusetts.
News Thumbnail Mintz
Mintz Member Dianne Bourque was quoted in an article published by the Washington Post on New York’s efforts to distribute tens of thousands of doses of anti-malarial drugs as an experimental, unproven treatment for seriously ill coronavirus patients.
News Thumbnail Mintz
Mintz Member Dianne J. Bourque was quoted extensively in an article published by MedCity News on privacy considerations for individuals that opt to share their data with mobile health apps.
News Thumbnail Mintz
Mintz Member Dianne Bourque appeared on Bloomberg Television’s “Bloomberg Technology” news program to discuss Google’s partnership with Ascension, the nation’s second-largest health system, which includes sharing the personal health data of tens of millions of patients. Ms. Bourque addressed the legality of the arrangement under the Health Insurance Portability and Accountability Act (HIPAA), compliance under the federal privacy law, and legal limitations for using the health data.

The full show is available here, and the segment featuring Ms. Bourque runs from 29:47 - 35:15.
News Thumbnail Mintz
An article published by Wired detailed Google’s partnership with Ascension, the nation’s second-largest health system, which includes sharing the personal health data of tens of millions of patients. In the article, Mintz Member Dianne Bourque was quoted on the legality of the arrangement under the Health Insurance Portability and Accountability Act (HIPAA) and legal limitations for using the health data.
Mintz health care lawyer Dianne Bourque is quoted in this article, which addresses a host of state legislatures—often via consumer protection laws—are redefining what is considered a breach and how providers will need to handle reporting.
This feature article discuses key takeaways following Anthem’s $115 million settlement – one of the largest following a consumer data breach. Mintz Member Dianne Bourque is among the sources discussing what the health care industry can learn.
This article takes a closer look at a hack of Obamacare enrollment records. The piece notes that the breach could lead to an in-depth investigation of the government agency responsible for the federal health-care exchange. It is further noted that this hack could serve as a wake-up call for the government. Member Dianne Bourque is among the industry sources quoted.
Mintz Member Dianne Bourque was quoted in a Bloomberg Law article regarding the possible exposure of patients’ personal data due to cyberattacks on computer chips. Health care organizations are urged to install the most current security patches for their computer networks.
Dianne Bourque, a Member in the firm’s Health Law Practice, was among the group of experts quoted in a Law360 article regarding how a Blue Cross Executive’s divulging of private information about a patient likely triggered an alert with HIPAA's privacy protections. 
Press Release Thumbnail Mintz
Mintz Members will be participating in multiple panel discussions at the 2017 Boston Conference on Cyber Security hosted by Boston College and the FBI. The event presents an opportunity for leading minds to come together and fashion a more secure cyberspace.
Attorneys from Mintz represented Myriad Genetics, Inc. in its acquisition of Assurex Health, an informatics-based precision medicine company providing treatment decision support to health care providers for mental health patients.
Dianne Bourque, a Member in the firm’s Health Law Practice, is quoted in this Law360 article on a Chicago nurse’s tweets of pictures of a shooting victim’s hospital room. The tweet brought about allegations of privacy violations and a lawsuit against the hospital claiming as much.
Firm’s National Healthcare Practice, NY Corporate/M&A and Litigation: General Commercial Among Newest Rankings
Dianne Bourque, a Member in the firm’s Health Law Practice, is quoted in this Part B News article discussing the new HIPAA federal privacy rule for gun control.
The 2015 Chambers USA: America's Leading Lawyers for Business guide names 52 Mintz, Cohn, Ferris, Glovsky and Popeo, P.C.  attorneys as “Leaders in Their Fields.”
Read less

Events & Speaking

Panelist
Nov
7
2024

Which Hat Are You Wearing? HIPAA and Privacy in Value Based Care

ABA National Managed Care Institute 2024

New York, New York

Seminar Reference Image
Speaker
May
9
2024

HIPAA Update for 2024

Organized by HCCA (Health Care Compliance Association)

Webinar

Speaker
Dec
14
2021
Webinar Reference Image
Speaker
Oct
19
2021
Conference Reference Image
Sep
30
2020

Clinical Trial Risk Management during COVID-19

Advanced Medical Technology Association's Virtual MedTech Conference

Online Event

Webinar Reference Image
Apr
21
2020
Webinar Reference Image
Speaker
Mar
2
2020

Healthcare Law & Compliance Institute: Taming Technology

How to Maximize Innovation While Minimizing Risk

Amelia Island, Florida

Speaker
Nov
14
2019

Health and Hospital Law: MCLE BasicsPlus

MCLE Conference Center, 10 Winter Place, via Winter Street

Panelist
Jun
19
2019

Health Care & Cybersecurity: A Powerful Combination

ML Strategies, 701 Pennsylvania Ave, NW, Suite 900, Washington, DC 20004

Speaker
May
23
2019

MCLE New England's 20th Annual Hospital & Health Law Conference 2019

Conflict of Interest and Research Compliance

Ten Winter Place, Boston

Panelist
Mar
8
2017
Panelist
May
2
2016

New England Healthcare Executive Network Meeting

NE Healthcare Executive Network

Boston, MA

Faculty
Mar
1
2016

Anatomy of a HIPAA Breach Master Track

American Bar Association

Webinar

Panelist
Sep
27
2015

Employee Benefits & Healthcare Congress

Employer Healthcare & Benefits Congress (EHBC)

Orange County Convention Center, 9800 International Drive, Orlando, FL

Co-chair
Apr
29
2015
Speaker
Read less

Recognition & Awards

  • Chambers USA: Massachusetts – Healthcare (2015-2017; 2021-2024)

  • BTI Consulting Group Client Service All-Star (2022)

  • Featured in Best Lawyers in America: Health Care Law (2020-2025)

Read less

Involvement

  • Regular guest lecturer, Cybersecurity Policy & Governance Program, Boston College Woods College of Advancing Studies
Read less