Anna advises clients in the financial services, healthcare, insurance, and technology industries on data protection, privacy, cybersecurity, and governance issues.  Anna's expertise encompasses the secure handling of confidential and personally identifiable information, as well as compliance with international, federal and state privacy regulations including GDPR, CCPA, HIPAA, CAN-SPAM, BIPA, and TCPA. She has worked closely with companies to build and mature privacy compliance programs, audit their privacy practices, conduct privacy impact assessments and map the use and processing of personal information.  She also provides product counsel to clients on the use of AI, biometric data, and new and emerging technologies. 

Anna routinely works with clients on issues related to protecting data during transactions or reorganizations, such as M&A deals and drafting and negotiating tailored privacy and data security contract provisions.  She has also advised companies on cross border data issues and the use of data transfer mechanisms. 

Anna has significant experience working with clients to identify and remediate potential data security incidents.  She works with clients and third parties to contain incidents and their effects, investigate their cause and impact, and deliver public and regulatory communications on behalf of clients.  Anna also assists clients with all aspects of breach preparedness, including information security governance and risk management and counseling executives on cybersecurity matters. 

As part of her incident response practice, Anna manages cross-border regulatory investigations.  In addition, she regularly assists clients respond to requests from regulators following cyber incidents.  Anna has successfully defended clients in numerous privacy and cyber-related federal and state investigations, including by the HHS Office for Civil Rights, FTC, and state attorneys general. 

Anna spent a year working in the Global Privacy Office of a multinational pharmaceutical company to assist with privacy and legal matters such as developing consent documents, creating internal data handling policies and procedures, and negotiating privacy and security terms with vendors.  Prior to joining Norton Rose Fulbright, Anna served as Vice President of Global Privacy at JPMorgan Chase. Anna is a Certified Information Privacy Professional (CIPP/US) and is licensed to practice in New York.