Alexandra P. Moylan, CIPP/US, AIGP

Alex works extensively with health systems and academic research institutions to ensure compliance across Institutional Review Board (IRB) operations, data use and sharing, and human subjects research oversight. She assists with the development and review of IRB policies, data sharing agreements, informed consent templates, and data access workflows that support compliant secondary research, multisite studies, and enterprise data warehouse initiatives. Her counsel integrates HIPAA Privacy and Security Rule requirements with emerging AI and predictive analytics applications, helping organizations leverage data while maintaining regulatory fidelity. She also advises on sponsored research agreements, material transfer agreements (MTAs), and data access frameworks for university-industry collaborations and multiinstitutional research consortia.

In the AI and data governance space, Alex advises on the ethical and regulatory dimensions of algorithmic development, validation, and deployment in health care environments. She counsels clients on compliance with state, federal, and international privacy laws, including HIPAA, the California Privacy Rights Act (CPRA), the General Data Protection Regulation (GDPR), and the EU Artificial Intelligence Act. She has led the design of AI governance frameworks addressing transparency, bias mitigation, and model accountability within enterprise health systems, drawing on standards including the NIST AI Risk Management Framework (AI RMF) and sector-specific FDA guidance on AI/ML-based Software as a Medical Device (SaMD).

Her practice also encompasses complex technology and data transactions, including drafting and negotiating master service agreements, software as a service (SaaS) and software licensing agreements, AI procurement contracts, data use agreements, data licensing agreements, data processing agreements (DPAs), business associate agreements (BAAs), and de-identification agreements for hospitals, research consortia, and technology vendors. She advises clients on vendor due diligence and risk assessment for AI tools and data platforms, helping organizations structure contracts that address intellectual property, data rights, liability, and regulatory compliance.

Clients value Alex's ability to bridge clinical, technical, and legal considerations when advising on digital transformation, data warehousing, and AI implementation. Her counsel provides practical strategies that advance innovation while satisfying regulatory, ethical, and institutional review expectations.

A frequent writer and speaker, Alex contributes thought leadership on health care AI regulation, HIPAA modernization, and research privacy to publications including Bloomberg Law and Corporate Compliance Insights. She serves on the Maryland State Bar Association's AI Task Force and regularly trains clients on privacy, AI, and research compliance programs.

• Negotiated an enterprise-wide agreement on behalf of a major public research university in connection with a landmark partnership with a leading global technology company for the development and deployment of artificial intelligence tools and services across the institution.

• Advised a medical school on structuring and implementing international research collaborations, including compliance with U.S. export control regulations, international research laws, and cross-border data sharing requirements.

• Represented an early-stage digital health company developing AI-powered solutions, providing comprehensive legal support including the drafting and negotiation of a master SaaS agreement and the development of privacy policies, regulatory compliance frameworks, and related governance documentation.

• Negotiated an agreement for the deployment of an artificial intelligence software platform to support clinical trial patient identification and recruitment, advising on regulatory compliance, data privacy, and the responsible use of AI in the clinical research environment.

• Drafted template agreements and terms of use for clients developing AI software for use by life science and health care organizations and advised on regulatory compliance and data privacy issues.

• Provided strategic counsel on AI ethics, governance, and risk management to health care, technology, and life science organizations, helping them navigate the complex and evolving landscape of AI regulation.

• Assisted with the development of internal documents related to AI procurement, vendor management, and data use.

• Provided privacy advice and counsel to clients on collecting, processing, and using personal data to comply with GDPR and US federal and state privacy laws, including drafting informed consent and authorization templates and notices of privacy practices.

• Developed master clinical trial agreement templates and negotiated numerous clinical site agreements, investigator-initiated trial agreements, letters of indemnification, NDAs, informed consent forms, and other documents involved in all phases of clinical research and product development for U.S. and international clinical trials (EU, APAC, and Latin America).

• Negotiated complex data licensing and data sharing agreements.

• Conducted compliance reviews and drafted agreements for CROs and SMOs, including reviewing standard operating procedures.

• Listed in The Best Lawyers in America^® for Medical Malpractice Law - Defendants (2021 – 2026); Product Liability Litigation - Defendants (2024 – 2026); Commercial Litigation (2025, 2026); Mass Tort Litigation/Class Actions - Defendants (2026) 
• The Maryland Daily Record's Business Law Power List (2025)
• Baltimore Business Journal's 40 Under 40 (2022)
• The Maryland Daily Record's Personal Injury & Medical Malpractice Power List (2022)
• Listed in Chambers USA as a leading Litigation: Medical Malpractice attorney in Maryland (2021 – 2025)
• Member – Baltimore City Bar Association
• Member – Baltimore County Bar Association
• Member – Hispanic National Bar Association
• Member – Maryland Defense Counsel
• Member – Maryland State Bar Association
• Member – Maryland State Bar Association Artificial Intelligence Task Force (2024 – 2026)
• Board Member – Baltimore Medical Systems

• "Federal AI Framework and Trump America AI Act: Health Care Impacts" (April 2026)
• "Emerging Federal AI Policy: What To Know and How To Prepare" (April 2026)
• "Status Of AI Regulation On Drug Development," Pharmaceutical Outsourcing (April 2026)
• "2026 AI Legal Forecast: From Innovation to Compliance," republished in CPO Magazine (January 2026)
• "Prepare to Navigate the New Federal AI Policy" (December 2025)
• "OpenAI Updates Usage Policies: Key Considerations and Next Steps for Organizations Deploying AI," republished December 12, 2025, by Law360 (November 2025)
• "Managing Generative AI Legal Risks: A Seven-Question Playbook for GCs," Today's General Counsel (October 2025)
• "Maryland's New Online Data Privacy Act: Sweeping Protections for Consumer Health Data and Implications for Health Care, Life Sciences, and AI," republished November 10, 2025, by The Legal Intelligencer (October 2025)
• "Immediate Action Items to Prepare for Website Automatic Opt-Out Signal Mandates," republished in Law360 (October 2025)
• "How Businesses Can Prepare for Maryland's New Data Privacy Law," Baltimore Business Journal (October 2025)
• "Practical Next Steps for Businesses as Maryland's Updated Consumer Data Privacy Laws Take Effect in October " (September 2025)
• "Illinois Passes Extensive Law Regulating AI in Behavioral Health" (August 2025)
• "DOJ Bulk Data Rule: Key Takeaways for Healthcare and Life Sciences" (May 2025)
• "Executive Orders on Domestic Production of Critical Medicines and Biological Research Security" (May 2025)
• "DOJ Final Rule Applies to Anonymized, Pseudonymized, and De-Identified Data: What Data Licensors Need to Know," republished in FinTech Law Report (April 2025)
• "DOJ Issues Additional Guidance and Clarification on the Bulk Data Transfer Rule: What U.S. Businesses Need to Know ," republished May 5, 2025, in Corporate Compliance Insights (April 2025)
• "OCR Issues "Dear Colleagues" Letter Regarding AI in Medicine," republished January 27, 2025, in The American Lawyer (January 2025)
• "Texas Court Issues Injunction on 2024 HIPAA Reproductive Privacy Rule" (December 2024)
• Co-author – "AI Use Cases in Clinical Research," Bloomberg Law (November 2024)
• "AI Firm Reaches Settlement With Texas Attorney General Over Misleading Accuracy Claims" (September 2024)
• Co-author – "Coming Soon to a Health Care Provider Near You: Requirements of the New Final Rule for Section 1557," AHLA Post-Acute and Long Term Services Practice Group Briefing (May 2024)
• Co-author – "Maryland: The Online Data Privacy Act of 2024 Gains Traction – What Businesses Need To Know Regarding The Proposed Legislation," OneTrust Data Guidance (April 2024)
• "Apologizing Still Works, But Ensure It Is Done Correctly," Healthcare Risk Management (February 2024)
• Co-author – "AI: Considering the Regulatory and Legal Implications," Medical Device & Diagnostic Industry (November 2023)
• Co-author – "Considerations For Compliance With CTIS Submissions Under The EU-CTR," Life Science Leader (May 2023)
• Co-author – "The Anatomy of a Clinical Trial Agreement," Compliance Today (February 2023)

• Panelist – "Data as a Clinical Asset: AI and Digital Health," 2026 Maryland MedTech Summit (March 2026)
• "Demystifying AI in Health Care: Foundations and Practical Legal Guardrails for Health Law Professionals (not repeated)," AHLA Winter Institute: Advising Providers and AI in Health Care (February 2026)
• "GS3 Emerging Technologies Risk and Compliance: Cybersecurity, Privacy, and TCPA," HCCA Healthcare Enforcement Compliance Conference (October 2025)
• "AI Implementation in Clinical Research: Risks, Benefits and Compliance Considerations," Maryland Tech Council Bio Innovation Conference (September 2025)
• "Legal Innovation Forum AI Workshop" (August 2025)
• Panelist – "Futuristic Law: Artificial Intelligence Innovations in Legal Practice," Maryland State Bar Association's Young Lawyers' Section and Baltimore City Bar Associations' Young Lawyers' Division (February 2025)
• Host/Panelist – "Data Governance: Building a Framework for the Future of Emerging Technology," Roundtable, Sixth Annual Maryland Tech Council Technology Transformation Conference (February 2025)
• "Artificial Intelligence: A Brave New World," Mid Atlantic Society of Healthcare Risk Management AI Seminar (December 2024)
• "Section 1557 of the ACA: Impact and Implementation Deadlines," Medical Society of New Jersey Lecture Series (June 2024)
• "One Boring Day: AI Governance and Security," Mind Over Machines (May 2024)
• "AI Governance and Risk Management: Legal Considerations in the Development and Deployment of Generative AI," Perrin Conferences (April 2024)
• "Federal US Privacy Bill on the Horizon? Exploring the Draft APRA & New State Privacy Legislation," OneTrust DataGuidance (April 2024)
• Panelist – "Breaking the Double Bind," World Trade Center Institute's 2023 Women Spanning the Globe Conference (May 2023)

• Baker Donelson Attorneys Recognized in The Best Lawyers in America® 2026 Listing (August 21, 2025)
• Chambers USA Ranks 97 Baker Donelson Attorneys in 2025 Edition (June 5, 2025)
• Baker Donelson Attorneys Recognized in The Best Lawyers in America® 2025 Listing (August 15, 2024)
• Chambers USA Ranks 88 Baker Donelson Attorneys in 2024 Edition (June 6, 2024)
• Baker Donelson's Vivien F. Peaden and Alexandra P. Moylan Earn AI Governance Professional Certification (June 4, 2024)
• Baker Donelson Deepens Life Sciences Bench with Addition of Michael Halaiko and Alexandra Moylan to Health Group (May 21, 2024)

• Alex Moylan and Robert Wells Offer Thoughts on 2026's Most Impactful Medical Practice Trends in Part B News (January 5, 2026)
• Alex Moylan Talks with Part B News About Increasing Legislation Surrounding the Use of AI in Health Care (September 8, 2025)
• Alex Moylan and Michael Halaiko Featured on SupplyChainBrain Discussing Recent Executive Orders Regarding Domestic Production of Critical Medicines (June 23, 2025)
• Alex Moylan Discusses Her Practice in Maryland Daily Record's 2025 Business Law Power List Profile (February 28, 2025)
• Alex Moylan Comments in Corporate Counsel on Texas Attorney General's Generative AI Enforcement Action in Health Care (October 1, 2024)
• Alex Moylan Discusses Governance of Artificial Intelligence in The Maryland Daily Record (August 20, 2024)
• New Health Law Shareholders Michael Halaiko and Alexandra Moylan Featured in Law360 (May 21, 2024)