Areas of Practice

ITLG strategically guides innovators by navigating them through a wide range of business and legal areas with a holistic approach and proven track record of addressing complex business challenges with practical legal insights.

Jump to a category

AI Governance | Biologics Manufacturing | Business Formation & Strategy | Cybersecurity

Data Privacy | Technology Pricing Models | Technology Transactions | Fractional General Counsel

AI Governance

AI, machine learning, compliance, governance – it can get overwhelming fast.

What is AI governance?

AI governance is a framework of standards and processes that consider factors such as legal requirements, ethics and societal impact, safety and fairness, data privacy, cybersecurity, relevant policies and assessments, and ongoing monitoring (and adjusting) of the AI system. AI governance is necessary and often legally required. That will only increase over time and a smart innovator aims for good practices ahead of legal expectations.

The key is to start somewhere and either build in governance and compliance layers as your AI solution is developed and goes to market or, if your AI solution is out of the gate and in the market, start integrating these concepts. A well-working AI system and model requires a business framework to interlock with development of the AI solution and go beyond the technology build and go to market phases.

ITLG’s focus is for you to feel confident and secure in your approach to AI whether you are pondering developing an AI solution, are in the midst, have a solution built and in place, or are buying tech that includes AI.

Below are some ways we help clients navigate AI governance and compliance:

  • Legal Requirements: identify current and emerging legal requirements that apply to use of your particular AI solution such as showing absence of bias, transparency of the AI model, ongoing monitoring, and assessing risks.

  • Ethical AI: design of AI systems to align with ethical standards and societal expectations.

  • Safety and Fairness: identify and work to mitigate risks of output being biased or having unsafe outcomes for humans.

  • Data Privacy: consider the implications and requirements associated with the extent of use and type of personal data in your AI solution.

  • Cybersecurity: identify potential risks to your AI solution from an intrusion into your environment.

  • AI Policies: assist in developing relevant internal policies for AI governance that address the AI system development life cycle and include decision-making frameworks and oversight mechanisms.

  • Contracting for AI: draft and negotiate agreements that address risk related to use of your AI solution.

back to top

Biologics Manufacturing

The firm has been working with clients in the Contract Development and Manufacturing Organizations (CDMO) field for almost twenty years. We are alongside our CDMO clients from idea phase to startup and fundraising, to production, and to exit or through maturity. Our clients have customers in all phases of drug development from pre-clinical to clinical and commercial. ITLG’s focus is for you to feel confident and secure that your legal and strategic needs are well covered so you can concentrate on the core of your business. We work closely with the client’s employees and consultants to help create a seamless process.

Below are some ways we help biologic manufacturing clients:

  • Business Formation and Strategy: evaluate the appropriate corporate structure, help determine fundraising needs and evaluate options, ongoing evaluation of general business needs and business relationship advice. Also see Business Formation.

  • Negotiation and Contracting: negotiate and draft customer, collaborator, outside service provider, and material supplier agreements. We participate closely with our clients to address market development, emerging technologies, risk, exit opportunities, and other issues specific to biologic manufacturing.

  • Risk Management: mitigate product liability and quality control issues.

  • Regulatory Compliance: assist in compliance with various state, federal and international laws, rules and regulations specifically related to drug development, hazardous materials, workplace safety, and import and export controls.

back to top

Business Formation & Strategy

Forming a business involves several upfront steps and decisions such as where to file to do business, what entity type the business should be, what agreements should be in place before you move forward, and then putting the appropriate agreements and filings in place to move forward. After a business is formed, strategic decisions are always in play, through to an exit or through the many lifecycles of the business. ITLG’s focus is for you to feel confident and secure in your business foundation and decisions so you can concentrate on the core of your business.

Below are some ways we help client with business formation and strategy:

  • Corporate Structure: evaluate the appropriate corporate structure to support your strategic goals and draft business formation agreements and filing documents.

  • Strategic Planning: apply a holistic approach to goals, roadmaps, and other strategic plans with advice that includes business as well as legal considerations.

  • Mergers & Acquisitions: negotiate and draft agreements and spearhead the legal support for mergers, acquisitions, exits, and joint ventures, as well as provide strategic deal structure advice.

  • Risk Management: identify and strategize to mitigate potential legal andbusiness risks in all areas of the business. Data privacy, vendor (supply chain) management, cybersecurity, and artificial intelligence are some specific examples.

  • Contracting: negotiate and draft business agreements through all lifecycles of your business, such as customer terms, partner, reseller and referral terms, confidentiality, technology use and licensing, vendor requirements, and privacy policies as well as assistance with cybersecurity insurance.

  • Compliance & Governance: identify current and emerging legal, regulatory, and industry requirements that impact your business and assist in developing appropriate compliance and governance programs as well as relevant business policies and procedures to address risk.

back to top

Cybersecurity

Cybersecurity involves both technical components and operational business components of protecting information. The operational side should bolster the technical cybersecurity protections, resulting in a resilient stance against bad actors. Legal requirements about cybersecurity are on the uptick and are sometimes obvious,

sometimes not. ITLG’s focus is for you to feel confident and secure in the operational components of your cybersecurity approach so you can concentrate on the core of your business.

Below are some ways we help clients with cybersecurity:

  • Incident Response Planning: evaluate existing Incident Response Plans and provide a gap analysis as well as assist in development of Incident Response Plans that include a robust operational response to events significantly disruptive to technology systems or the core competency of your business and assist with testing your Incident Response Plan via a table-top exercise.

  • Risk Management: identify and strategize to mitigate potential legal and business risks related to internal cybersecurity programs and cybersecurity practices of third parties that integrate or intersect with your business, including appropriate vendor assessments and risks related to your AI systems.

  • Cybersecurity Policies: assist in developing relevant internal policies appropriate to your industry and business that address cybersecurity risks and assessments.

  • Cyber Insurance: assist in your business by identifying and articulating lessened risks and/or cyber practices that favorably impact insurance premiums and come alongside the insurance broker relationship with an aim to differentiate your business to achieve a favorable coverage and premium outcome.

  • Compliance: identify current and emerging legal, regulatory, and industry cybersecurity requirements relevant to your business and assist in integrating the requirements into your contracts and compliance programs.

back to top

Data Privacy

Data privacy refers to requirements that govern all the ways your business interacts with and touches information about individuals (aka personal data). These requirements are often overlapping and may be a federal, state or other country law, regulation, or an industry standard. Data privacy laws in the United States are a patchwork of state laws often relating generically to individuals as resident consumers and federal laws often relate to a particular segment of society such as healthcare information, genetic information, or criminal justice information.

In other countries, data privacy is usually referred to as data protection. Global data protection requirements are also overlapping but are typically based on the individual as a human (not a consumer) and may or may not be based on the individual as a resident. If the data protection requirements are not based on the individual being a resident, this means your business is required to comply if the parameters fit – and often they do.

Data privacy legal requirements can be overwhelming, and businesses are sometimes tempted to sidestep data privacy because it seems like a heavy lift. The key is to start somewhere, determine the most impactful priorities, and regularly continue to build in governance and compliance layers. If your business provides a solution that ingests, stores, processes, or uses information about individuals, you will need a privacy compliance framework to interlock with development of the solution and go beyond the technology build and go to market phases. ITLG’s focus is for you to feel confident and secure in your data privacy/protection program and approach so you can concentrate on the core of your business.

Below are some ways we help clients with data privacy:

  • Compliance: identify current and emerging legal, regulatory, and industry privacy requirements relevant to your business and assist in developing and implementing compliant privacy practices including cross border data transfers and privacy impact assessments. Overlapping compliance requirements are common and your business could be subject to federal, state, sector-specific, and foreign requirements such as the European Union General Data Protection Regulation (GDPR).

  • Contracting: negotiate and draft agreements that address data privacy risk and requirements including agreements with customers, vendors, and partners.

  • Data Governance and Assessments: review existing data governance program and policies and provide a gap analysis or assist in establishing a data governance program, as well as draft internal policies and procedures relating to the business use of personal data and assist in developing often-required privacy impact assessments.

  • Privacy Policies: draft clear privacy policies that describe your business practices relating to the collection, storage, processing and use of personal data. Privacy policies are required on websites and similar public online locations that gather or track personal data of visitors; however, internal privacy statements about personal data of employees and contractors are also advisable.

  • Data Breach Response: identify and assist with data privacy implications of a data breach such as governmental and breach notification requirements.

  • Privacy by Design: intersect with the product design and development of a technology solution, to incorporate Privacy by Design principles into development.

back to top

Technology Pricing Models

Technology pricing is often an issue because tech providers tend to lack involvement in enough different tech transactions to know the different features of an appropriate pricing model. ITLG has a unique skillset in this area that our clients find very valuable. We have deep expertise in technology transactions, resulting in a thorough, practical understanding of the types of pricing models expected by tech buyers and of the types of pricing models advantageous to tech providers, as well as consistency and inefficiency issues that quietly rob overhead in back-office support functions. What sometimes seems like a good model in the sales side of the house turns into manually tracked spreadsheets of exceptions and random timelines in the back office. ITLG’s focus is for you to feel confident and have flexibility in your pricing model and sales approach while retaining appropriate consistency for post-sale tasks.

Below are some ways we help clients with technology pricing models:

  • Pricing Strategy: identify the appropriate selling methodology in your industry and business and determine the base components of a favorable pricing model such as discounts and tiers or unlimited use for a certain number of users with bundled pricing for overflow users.

  • Pricing Model: help architect an advantageous pricing model that meets tech buyer expectations of mainstay components and includes industry-specific or solution-specific components, with the right balance of transparency. For example, additional fees, order term length as opposed to renewal intersection points, and pricing increases.

  • Deal Flexibility: draft order templates that provide both clearly defined flexibility and consistency and assist in training of revenue departments in flexible use of the order.

  • Revenue Sharing Agreements: negotiate and draft agreements with partners, affiliates, resellers and referrals with clearly defined and intentional sharing terms.

back to top

Technology Transactions

Technology transactions involve terms and nuances that are distinctly tech and complex for someone who is not experienced in this area. ITLG has deep expertise in technology transactions and has effectively negotiated both sides of tech transactions countless times. Whether you are purchasing technology, are a technology provider, or in technology procurement, we understand your position well and can articulate nuances that matter. ITLG’s focus is for you to feel secure in the outcome of your technology transactions.

Below are some ways we help clients with technology transactions:

  • Contracting: review, negotiate and draft technology contracts that address relevant issues and risk allocation, with a thorough understanding of both buyer and provider concerns. A typical technology transaction will involve master terms that operate as an umbrella over all transactions between the parties, a statement of work that details work on a specific project, and/or an order that details what products and services are being purchased in a specific transaction. The devil is truly in the details.

  • Issue Examples: software use and licensing, appropriate definitions, clear scope, data privacy, and cybersecurity requirements, intellectual property rights, artificial intelligence, appropriate allocation of risk and liability, and confidentiality.

back to top

Fractional General Counsel

For companies that need legal support but are not at a stage (or desire) to invest in a full-time in-house lawyer, using a fractional General Counsel (GC) is an excellent solution. Partners at ITLG have expertise as a full-time in-house GC as well as being “outside general counsel” for several clients. ITLG’s focus is for you to feel confident that legal priorities in your growing business are being handled well.

Below are some ways we help clients as a fractional GC:

back to top