Allison Spagnolo CIPP

Chief Privacy Officer, Senior Managing Director
Alison Spangolo with curly hair is wearing a black jacket and a plaid shirt

As Chief Privacy Officer and Senior Managing Director, Allison Spagnolo leads the Artificial Intelligence (AI) practice, ensuring governance and compliance for clients’ AI usage, and compliance engagements across sectors including financial institutions, healthcare, and government contractors. This includes reviewing anti-money laundering (AML) and sanctions (OFAC) issues for global banks and multi-national companies, as well as advising on financial crime compliance issues specific to cryptocurrency exchanges and Fintech companies. She has traveled extensively in Europe and Asia for the purpose of leading and conducting on-site inspections and reviews related to NYDFS and Federal Reserve monitorships, BSA/AML audits and other compliance matters.

Additionally, Ms. Spagnolo has extensive experience in developing risk reviews and assessments for public and private entities in a variety of contexts including sufficiency of internal controls. This experience includes identifying risk vulnerabilities and gaps, recommending enhancements to existing compliance frameworks, and implementing best practices. She is skilled at drafting, developing and operationalizing policies and procedures across a variety of industries.

She also advises healthcare clients, including covered entities and business associates, regarding compliance with HIPAA/HITECH and other federal and state privacy, security, and incident response compliance requirements. Ms. Spagnolo has led SOC2, HIPAA/HITECH and HITRUST readiness examinations and remediation efforts, in addition to providing HIPAA security rule risk assessments, registers and remediation plans.

Ms. Spagnolo also serves as the Chief Privacy Officer for Guidepost Solutions, directing global internal privacy compliance efforts, including issues related to the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). She also regularly advises clients on identifying and resolving privacy risks, including developing and strengthening privacy compliance programs, assessing vulnerabilities, evaluating data privacy policies, and enhancing procedures.

Prior to joining Guidepost, Ms. Spagnolo was an attorney with Burt, Blee, Dixon, Sutton & Bloom, LLP, where she focused on the area of corporate law. She negotiated, drafted, and administered contracts, policies, and procedures for corporate clients, including monitoring active contracts and changes in the law to ensure client compliance and protect their legal interests. Additionally, Ms. Spagnolo advised clients in regulatory compliance, general business matters, and corporate governance.

Ms. Spagnolo has a professional proficiency in French.

Did You Know?

While traveling in Iceland, Allison climbed a volcano and set sail in an iceberg lagoon.

Education 

  • Juris Doctor, Indiana University Maurer School of Law
  • Bachelor of Arts, Political Science and English, Purdue University, Phi Beta Kappa honors

Certifications

  • Certified Information Privacy Professional

Affiliations

  • International Association of Privacy Professionals

Media + Events

December 19, 2024

The Hidden Dangers of Unregulated AI: How Governance Protects Your Business

Continue Reading
November 14, 2024

Why Corporate AI Policies Fail: Neglecting Cross-Functional AI Governance

Continue Reading
October 31, 2024

How to Build a Strategy to Mitigate AI Risks

Continue Reading
October 28, 2024

Why You Should Care About AI Governance

Continue Reading
October 9, 2024

DOJ Has Issued New Compliance Guidance. Now What?

Continue Reading
July 30, 2024

Can a Failed Privacy Program Lead to Fentanyl Trafficking or OFAC Violations?

Continue Reading
a white pyramid with a blue figure on top of it
July 19, 2023

Lines of Authority: The Critical Need for Role Clarity in Information Security Compliance

Continue Reading
a row of wooden blocks with green arrows pointing in opposite directions
January 17, 2023

Bank Merger Compliance Risks: Are You Prepared?

Continue Reading
a woman stands at a podium with a microphone in front of her
February 8, 2024

Guidepost Solutions Announces Participation In Department Of Commerce Consortium – Dedicated To Ai Safety

Continue Reading
a person is holding a cell phone with the news app open
July 19, 2024

Board Leadership

AI Governance Check: Navigating Compliance and Essential Queries for Board Discussions

Continue Reading
July 11, 2024

Pharmaceutical Compliance Monitor

Compliance Considerations of Cloud-based Technology in the Pharmaceutical Industry

Continue Reading
InvestigationHotlines