Confusion, Strife, Challenge: What to Expect With Tech Sector Regulatory Change Related to Privacy Practices

Sherri Douville
7 min readJul 5, 2022

Organizations do not do change well. If you believe that your company will be impacted by new requirements for privacy, read this to understand what to expect.

How Regulatory Change Will Impact Your Company

I have the experience of living through regulatory inflection in BioPharma as a former sales rep. The sentiment and press about privacy in tech today reminds me a lot of BioPharma’s past and even current ghosts. The struggle with what the public understood versus the perception, the real fear and signs of becoming “the new tobacco,” the industry being labeled “evil.” While the BioPharma industry still struggles with the “new tobacco” comparison; this will be hard and new for many people in tech to deal with being treated and called the “new tobacco.”

Tech is About to be Challenged in Extraordinary Ways

This post is not a critique of current tech privacy practices that have real consequences for real people. Some of them are ecosystem level issues that go beyond single software application companies. It is simply an observation on the parallels of what happens to organizations when they are faced with undeniable requirements from all stakeholders (regulatory change) to change the way they operate; just like Pharma did in the 2000’s and Tech should be at least attempting to shortly on privacy. Though Pharma restrictions on operations relates to Marketing; you can argue that’s also coming next for lots of technologies with the way physicians widely feel about what they perceive to be unhelpful (clinically insignificant) and unproven technologies. But this post is not about the technology features exactly. This post is about the urgent requirement for privacy in tech, even those that advertise on that basis and how I predict that it will challenge organizations in extraordinary ways.

Widespread Backlash to Non Existent Data Privacy is Here

As we have learned; due to multiple factors, there is very little health data which is actually private with everyone from Senators to doctors and CISOS practically screaming about the harms; I predict that tech will experience the same type and scale of backlash and impending restrictions regarding privacy and data use that BioPharma did for its Marketing practices in the early 2000’s. I would know, I was an industry scale award winning medical sales rep for close to a decade in over a dozen disease states at Johnson & Johnson.

As I said in this post, about regulatory inflection; all major regulatory shifts in any industry will go through phases of loss (of the old way of doing business) beginning with denial, it’s human and organizational behavior:



How Did the Regulatory Restrictions Affect My Work in BioPharma?

Policymaker and public backlash centered around how much reps like me at the time spent working with physicians and other stakeholders on golf tournaments with a speaker session and speaker programs (dinners where there are speaker sessions.)Working for one of the oldest most storied brands; we were always the most conservative in how we spent as well as the purpose and brand of the educational programs. Though we did still golf, and often at tony resorts.

Regulatory Inflection Was One of the Best Things That Happened For Me Personally

Though I missed golfing with my favorite physicians, I accepted the perception challenge it posed to the public and embraced the new restrictions. Having won several awards in my career; I performed even better after the restrictions. My bosses credited my success with my habit of being highly specific in my work. First, I focused on effective early diagnosis screening tools, partnering with a researcher who had effective novel methods; and then building profiles or personas around patients that would have the best outcomes with our products. I never asked for “all the business or all the potential times that clinics, hospitals, physicians could possibly use product” because that’s not how physicians practice medicine. It’s unethical and impractical.

Career Shaping Challenges

As a side note, the biggest compliment for how well things were going in this new environment for me personally and still likely remains the biggest compliment of my entire career was being asked by one of the chairs at a hospital to give the grand rounds discussion on one of my disease states, ironically given the time of this writing -anti-infectives as I sold a quinolone class antibiotic then. These are the types of opportunities and real career honors that can’t be bought or paid for. I was super excited except that some people that mattered in my chain of command at the company didn’t believe me. They thought it was impossible; this represented an opportunity typically allocated to senior physicians. That huge compliment and the reaction to it and destruction of the joy in it would be instrumental in shaping how I would go on to think about corporations and managing my career forever. As side note, as an entrepreneur today, when I am now offered once in a lifetime, novel opportunities like writing graduate level textbooks/professional education books; I bring everyone who needs to be on board, along for the ride. At the time, I didn’t know how to do that. At least I always had relationships of trust and respect within the medical community that have endured over decades; As an aside, that is much of how I measure my success to this day.

“After years of bad press, and with mounting fears of a regulatory crackdown, drugmakers adopted a voluntary code of conduct in the 2000’s that, among other restrictions, permits only “modest, occasional meals” in “appropriate circumstances,” facilitating “the exchange of medical and scientific information.”[1]

Regulatory Inflection Made Me the Data Driven Leader I am Today

I lived this regulatory shift and I actually loved it myself personally. I relished focusing on the data instead of dealing with planning golf tournaments and dinners, which I found boring to plan (not boring to participate in ;). Physicians are very ethical people and though many of them like golfing, they cherish learning even more. Instead of part of my job being as a golf tournament planner, regulatory change morphed a successful pharmaceutical rep into more of a training and education partner.

Privacy Practices are the Challenge to Tech What Marketing Practices Were/Are to BioPharma

I believe that privacy and the way it demands changes to the operations of tech organizations is exactly like the way that backlash on promotional spending changed and challenged BioPharma in the 2000’s. I don’t envy any company that will deal with the internal strife and external environmental uncertainty that regulatory inflection triggers. Expect things such as diversity, equity, and inclusion to really suffer and slide backwards aggressively. Expect it to be hard and for misalignment to be the norm at the highest levels depending on the title’s priority (P&L, compliance, talent, reputation etc.), and most of all; don’t expect any real substantial change until some kind of enforcement action that is world stopping happens or at least a meaningful warning shot such as a consent decree is made very public in a way that has material impact on a peer company; the latter depicted by the far right bottom of this table here. I designed this table for you to identify where in the phase of denial many stakeholders will be relative to where one is on the probable regulatory inflection path.

An ethical conundrum of misalignment in transition

Be Careful How You Predict or Categorize Who Will Bring the Most Mediocre Losing Behaviors to Your Organization

What I hadn’t anticipated, was how much the change in the regulatory environment would challenge the management environment for a lot of folks in the industry. Many people would not evolve fast and perform as well in a restrictive regulatory environment that required ethical creativity instead of optimizing known patterns. This would be hard on the bottom lines of entire divisions. The people that are likely to take the fall and the blame will not be those that didn’t adapt or perform; it will be those whom society deems the weakest and easiest to bully. Those who don’t come from families with armies of or access to the best lawyers, enormous personal wealth and connections, etc. are vulnerable. It’s not the least talented or lowest performers getting bullied. That’s why today, I’m thrilled to help build diverse board members. Not only is it personally incredibly healing; but I believe that having diverse people in power is the only way to help blunt what can be deeply unfair human nature’s tendency to oversimplify and just blame those who appear the weakest.

Today, I’m thrilled to get to lead Medigram, Inc. where we have always known this regulatory inflection was coming and have been building for it from the start.

Regulatory inflection and failure to adapt will bring out the very worst in mediocre people, no matter what their credentials are or how much a lot about them glitters, or perhaps especially if things about them glitter.

-Sherri Douville, CEO at Medigram

Be prepared.


By Sherri Douville, CEO at Medigram, the Mobile Medicine company. Recognized in 8 categories of top CEOs by Board Room Media (Across SMS, mHealth, iOS, IT, Database, Big Data, Android, Healthcare). Top ranked medical market executive worldwide and #1 ranked in mobile technologycategories (mhealth, iOS, Android), #1–2 (on any given day) for the cybersecurity market in the U.S. on Crunchbase. Best selling editor/author, Mobile Medicine: Overcoming People, Culture, and Governance & Advanced Health Technology: Managing Risk While Tackling Barriers to Rapid Acceleration, Taylor & Francis; Series Editor for Trustworthy Technology & Innovation + Trustworthy Technology & Innovation in Healthcare. (contracted to advise top academic and professional education publisher Routledge, Taylor & Francis).

Sherri is the co-chair of the IEEE/UL JV for the technical trust standard SG project for Clinical IoT in medicine, P2933. She is passionate about redefining technology, software and data for medicine and advanced health technologies in a way that’s worth the trust of clinicians, our family, and friends. Ms. Douville leverages her books to inform her work on the CHIMECDH security specialization certification. She also advises and co-founded the Cybersecurity curriculum for the Black Corporate Board Readiness and Women’s Corporate Board Readiness programs at Santa Clara University.