Key Experience

  • More than 20 years of experience counseling clients on complex privacy and data security matters.
  • Broad-based knowledge, including special emphasis on the health sector.


Jo-Ellyn Sakowitz Klein is a leading practitioner on privacy and data protection matters. She was recognized by The Legal 500 US in the cyber law (including privacy and data protection) category in 2019 and 2020. She has focused on privacy and data protection law for more than 20 years.

Representative Work

  • Represented clients in HIPAA investigations undertaken by governmental authorities. Secured formal complaint closure letters from the U.S. Department of Health and Human Services (HHS), Office for Civil Rights, in investigations initiated against a medical device company and medical center clients.
  • Guided digital health clients in developing unique solutions to address challenges presented by a range of privacy and information security laws. Led the team responsible for addressing privacy issues relating to the first digital pill product approved by the Food and Drug Administration (FDA).
  • Helped clients—such as academic medical centers, medical device companies, health plans and investment firms—prepare for and respond to data breaches. This included developing data breach response plans, evaluating whether breach notification requirements under state and federal law have been triggered, preparing breach notices for affected individuals and preparing breach notices and reports for regulatory authorities.
  • Led privacy and cybersecurity diligence efforts in major transactions and has advised on privacy and cybersecurity terms in deal documents.
  • Drafted and negotiated complex agreements that address privacy and data security issues, including services agreements, confidentiality agreements, personal information security agreements and HIPAA business associate and data use agreements.


Public Service and Affiliations