As Chief Privacy Officer and Senior Managing Director, Allison Spagnolo leads the Artificial Intelligence (AI) practice, ensuring governance and compliance for clients’ AI usage, and compliance engagements across sectors including financial institutions, healthcare, and government contractors. This includes reviewing anti-money laundering (AML) and sanctions (OFAC) issues for global banks and multi-national companies, as well as advising on financial crime compliance issues specific to cryptocurrency exchanges and Fintech companies. She has traveled extensively in Europe and Asia for the purpose of leading and conducting on-site inspections and reviews related to NYDFS and Federal Reserve monitorships, BSA/AML audits and other compliance matters.
Additionally, Ms. Spagnolo has extensive experience in developing risk reviews and assessments for public and private entities in a variety of contexts including sufficiency of internal controls. This experience includes identifying risk vulnerabilities and gaps, recommending enhancements to existing compliance frameworks, and implementing best practices. She is skilled at drafting, developing and operationalizing policies and procedures across a variety of industries.
She also advises healthcare clients, including covered entities and business associates, regarding compliance with HIPAA/HITECH and other federal and state privacy, security, and incident response compliance requirements. Ms. Spagnolo has led SOC2, HIPAA/HITECH and HITRUST readiness examinations and remediation efforts, in addition to providing HIPAA security rule risk assessments, registers and remediation plans.
Ms. Spagnolo also serves as the Chief Privacy Officer for Guidepost Solutions, directing global internal privacy compliance efforts, including issues related to the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA). She also regularly advises clients on identifying and resolving privacy risks, including developing and strengthening privacy compliance programs, assessing vulnerabilities, evaluating data privacy policies, and enhancing procedures.
Prior to joining Guidepost, Ms. Spagnolo was an attorney with Burt, Blee, Dixon, Sutton & Bloom, LLP, where she focused on the area of corporate law. She negotiated, drafted, and administered contracts, policies, and procedures for corporate clients, including monitoring active contracts and changes in the law to ensure client compliance and protect their legal interests. Additionally, Ms. Spagnolo advised clients in regulatory compliance, general business matters, and corporate governance.
Ms. Spagnolo has a professional proficiency in French.
Did You Know?
While traveling in Iceland, Allison climbed a volcano and set sail in an iceberg lagoon.
