People

Allison Spagnolo CIPP

Allison Spagnolo CIPP

Chief Privacy Officer, Senior Managing Director

Allison Spagnolo is a senior managing director who has worked on numerous compliance-based engagements involving financial institutions, healthcare organizations and government contractors. This includes reviewing anti-money laundering (AML) and sanctions (OFAC) issues for global banks and multi-national companies, as well as advising on financial crime compliance issues specific to cryptocurrency exchanges and Fintech companies. She has traveled extensively in Europe and Asia for the purpose of leading and conducting on-site inspections and reviews related to monitorships, BSA/AML audits and other compliance matters.

Additionally, Ms. Spagnolo has extensive experience in developing risk reviews and assessments for public and private entities in a variety of contexts including sufficiency of internal controls. This experience includes identifying risk vulnerabilities and gaps, recommending enhancements to existing compliance frameworks, and implementing best practices. She is skilled at drafting, developing and operationalizing policies and procedures across a variety of industries.

She also advises healthcare clients, including covered entities and business associates, regarding compliance with HIPAA/HITECH and other federal and state privacy, security, and incident response compliance requirements. Ms. Spagnolo has led SOC2, HIPAA/HITECH and HITRUST readiness examinations and remediation efforts, in addition to providing HIPAA security rule risk assessments, registers and remediation plans.

Ms. Spagnolo also serves as the Chief Privacy Officer for Guidepost Solutions, directing global internal privacy compliance efforts, including issues related to the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). She also regularly advises clients on identifying and resolving privacy risks, including developing and strengthening privacy compliance programs, assessing vulnerabilities, evaluating data privacy policies, and enhancing procedures.

Prior to joining Guidepost, Ms. Spagnolo was an attorney with Burt, Blee, Dixon, Sutton & Bloom, LLP, where she focused on the area of corporate law. She negotiated, drafted, and administered contracts, policies, and procedures for corporate clients, including monitoring active contracts and changes in the law to ensure client compliance and protect their legal interests. Additionally, Ms. Spagnolo advised clients in regulatory compliance, general business matters, and corporate governance.

Ms. Spagnolo is admitted to practice in the U.S. Court of Appeals for the Seventh Circuit, the Indiana Bar, and the District of Columbia Bar. She has a professional proficiency in French.

EDUCATION

  • Juris Doctor, Indiana University Maurer School of Law
  • Bachelor of Arts, Political Science and English, Purdue University, Phi Beta Kappa honors

CERTIFICATIONS

  • Certified Information Privacy Professional

AFFILIATIONS

  • International Association of Privacy Professionals

LANGUAGES

  • French

Allison Spagnolo is a senior managing director who has worked on numerous compliance-based engagements involving financial institutions, healthcare organizations and government contractors. This includes reviewing anti-money laundering (AML) and sanctions (OFAC) issues for global banks and multi-national companies, as well as advising on financial crime compliance issues specific to cryptocurrency exchanges and Fintech companies. She has traveled extensively in Europe and Asia for the purpose of leading and conducting on-site inspections and reviews related to monitorships, BSA/AML audits and other compliance matters.

Additionally, Ms. Spagnolo has extensive experience in developing risk reviews and assessments for public and private entities in a variety of contexts including sufficiency of internal controls. This experience includes identifying risk vulnerabilities and gaps, recommending enhancements to existing compliance frameworks, and implementing best practices. She is skilled at drafting, developing and operationalizing policies and procedures across a variety of industries.

She also advises healthcare clients, including covered entities and business associates, regarding compliance with HIPAA/HITECH and other federal and state privacy, security, and incident response compliance requirements. Ms. Spagnolo has led SOC2, HIPAA/HITECH and HITRUST readiness examinations and remediation efforts, in addition to providing HIPAA security rule risk assessments, registers and remediation plans.

Ms. Spagnolo also serves as the Chief Privacy Officer for Guidepost Solutions, directing global internal privacy compliance efforts, including issues related to the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). She also regularly advises clients on identifying and resolving privacy risks, including developing and strengthening privacy compliance programs, assessing vulnerabilities, evaluating data privacy policies, and enhancing procedures.

Prior to joining Guidepost, Ms. Spagnolo was an attorney with Burt, Blee, Dixon, Sutton & Bloom, LLP, where she focused on the area of corporate law. She negotiated, drafted, and administered contracts, policies, and procedures for corporate clients, including monitoring active contracts and changes in the law to ensure client compliance and protect their legal interests. Additionally, Ms. Spagnolo advised clients in regulatory compliance, general business matters, and corporate governance.

Ms. Spagnolo is admitted to practice in the U.S. Court of Appeals for the Seventh Circuit, the Indiana Bar, and the District of Columbia Bar. She has a professional proficiency in French.

EDUCATION

  • Juris Doctor, Indiana University Maurer School of Law
  • Bachelor of Arts, Political Science and English, Purdue University, Phi Beta Kappa honors

CERTIFICATIONS

  • Certified Information Privacy Professional

AFFILIATIONS

  • International Association of Privacy Professionals

LANGUAGES SPOKEN

  • French