Sara Pullen

About Sara Pullen

Sara’s practice focuses on privacy compliance, technology transactions, and intellectual property, with a strong focus on health care and medical technology and is recognized for her ability to bridge legal, technical, and clinical domains. Drawing on her background as an ICU nurse and her MBA, she brings a unique, practical perspective to advising clients across industries.

[Read Bio]

Closing the Privacy Gap: HIPRA Targets Health Apps and Wearables

November 19, 2025 By Sara Pullen, Angela Burnette and Jennifer Pike

Move over HIPAA…the health privacy landscape may be in for a shakeup. On November 4, 2025, Senator Bill Cassidy, M.D. (R-LA) introduced the Health Information Privacy Reform Act (HIPRA), a bill aimed at closing a gap in health data protections. HIPAA has long governed the privacy of traditional medical records held by health care providers […]

Unlocking the MIND Act: The Senate To Take on the Challenge of Neurotechnology

September 25, 2025 By Sara Pullen

On September 24, 2025, Ranking Member Cantwell (D-Wash.), Leader Schumer (D-NY), and Senator Markey (D-Mass.) announced they will introduce the “Management of Individuals’ Neural Data Act of 2025” (“MIND Act”). If enacted, the MIND Act will direct the Federal Trade Commission (“FTC”) to conduct a comprehensive study and report on the collection, processing, storage, sale, […]

To Delete or Not to Delete: Can 23andMe Really Sell Genetic Data Via Bankruptcy?

April 7, 2025 By Daniel Felz, Joyce Gresko, William Sugden, Kennedy Bodnarek, Anna von Spakovsky and Sara Pullen

On March 23, 2025, 23andMe Holding Co. (“23andMe”) filed for bankruptcy in the Eastern District of Missouri, potentially setting in motion the sale of genetic data collected from more than 15 million people. This has led to news outlets and state Attorneys General encouraging consumers to delete their 23andMe data before it is sold as […]

California Joins the Neural Data Bandwagon

September 12, 2024 By Sara Pullen

On August 31, the California assembly passed SB1223, which amends the CCPA/CPRA to include “neural data” as a type of sensitive data. SB1223, which is likely to become law, defines “neural data” as “information that is generated by measuring the activity of a consumer’s central or peripheral nervous system, and that is not inferred from […]

Making (Brain) Waves: New Colorado Legislation Poised to Protect Privacy of Neural Data

January 19, 2024 By Sara Pullen

Neurotechnology, like wearable EEG headbands and invasive brain implants, collects information from electrical nerve impulses and brain waves derived from your brain, spinal cord, or nervous system. This information, or neurodata, is valuable, unique, potentially individually identifiable, and has the potential to provide access to a person’s memories, biases, and intentions. (For more information, see […]