Anna advises clients in the financial services, healthcare, and technology industries on data protection, privacy, cybersecurity, and governance issues. Anna's expertise encompasses the secure handling of confidential and personally identifiable information, as well as compliance with international, federal and state privacy regulations including HIPAA, CAN-SPAM, and GDPR. She has worked closely with companies to audit their privacy practices, conduct privacy impact assessments, and map the use and processing of personal information. Anna has also advised companies on cross border data issues and the use of data transfer mechanisms.
Anna spent a year working in the Global Privacy Office of a multinational pharmaceutical company to assist with privacy and legal matters such as developing consent documents, creating internal data handling policies and procedures, and negotiating privacy and security terms with vendors. Prior to joining Norton Rose Fulbright, Anna served as Vice President of Global Privacy at JPMorgan Chase. Anna is a Certified Information Privacy Professional (CIPP/US) and is licensed to practice in New York.
2013 - J.D., Graduated with Distinction, Brooklyn Law School
2011 - M.A., American Literature, The Graduate Center, City University of New York
2008 - B.A., Honors, Political Science and English, McGill University
- "The Future of Cyber Threats: When Attacks Cause Physical Harm," New York Law Journal, June 1, 2018
- "Cybersecuirty of Toll Roads: Are We There Yet?," Law360, Expert Analysis, March 27, 2018
- "Navigating pharma's privacy risks: GDPR and beyond," Pharma Times, March 19, 2018
- "Working party publishes draft of GDPR guidleines for Article 49 (export derogations)," Data Protection Report, March 5, 2018.
- "WP29 brings Binding Corporate Rules in line with the GDPR," Data Protection Report, February 28, 2018.
- "But the Emails - Companies' SEC Filings Reflect Ransomware Risks," Data Protection Report, September 11, 2017.
- "US Senators Introduce IoT Cybersecurity Bill," Data Protection Report, August 3, 2017.
- "US Coast Guard Releases Draft Cybersecurity Guidelines," Data Protection Report, July 26, 2017.
- "US Government Contractors Now Required to Train Employees on Privacy" Data Protection Report, February 23, 2017.
- "FDA Issues Final Guidance on Postmarket Medical Device Cybersecurity," Data Protection Report, January 5, 2017.
- "US Commission on Enhancing National Cybersecurity: Action Plan for the President-Elect," Data Protection Report, December 14, 2016.
- "EMA Issues Guidance on Anonymization in Clinical Trials," Data Protection Report, November 14, 2016.
- "HHS Update: Looking Toward Audits and Increased Enforcement" Data Protection Report, September 8, 2016.
- "Your Money or Your PHI: New Guidance on Ransomware," Data Protection Report, July 14, 2016.
Memberships and activities
- International Association of Privacy Professionals
The European Medicines Agency (EMA) issued guidance on the implementation of its Policy 0070 on the publication of clinical data for medicines, including with respect to anonymization of clinical reports for publication..
November 16, 2016