Aleksandra Vold

She | Her | Hers

Partner

Chicago
T +1.312.416.6249
F +1.312.416.6201

Overview

Recognized as one of the 40 best Incident Response attorneys in 2021 and 2022, Aleksandra Vold's ability to weave together each client's unique concerns and personalities with her tactical, common sense approach has earned the trust of some of the nation's top healthcare organizations.

Aleksandra's practice is devoted to healthcare, and she has assisted hundreds of healthcare organizations and business associates through privacy and data security incidents, regulatory inquiries and complex Health Insurance Portability and Accountability Act (HIPAA) compliance issues.

Incident Response

When a privacy and/or security incident occurs, Aleksandra takes an arms-linked approach with clients, coordinating a skilled team - including forensic, public relations and negotiations professionals - to quickly help contain the incident, reduce public and regulatory scrutiny, guide investigations and protect the clients’ reputations.

Regulatory Investigations

Whether received in the aftermath of significant incidents or as a result of a complaint, regulatory investigations of healthcare entities and business associates carry significant risk. Clients have entrusted Aleksandra with coordinating the internal investigation for and responding to hundreds of regulatory inquiries conducted by federal and state regulators. Aleksandra’s early-career litigation experience has made her an incredibly effective oral advocate when presenting to regulators, and honed her ability to gracefully work with regulators on difficult points of contention.

Proactive HIPAA Compliance

Aleksandra is a sought-after business partner for privacy and compliance issues. Clients appreciate her ability to leverage her wealth of regulatory and client experiences to help the client find solutions that are bespoke to their organization and particular challenge.

Aleksandra is the firm’s Chicago Digital Assets and Data Management Leader.

Aleksandra brings a strategic advantage to the defense of class action litigation, having started her legal career as a plaintiffs’ attorney focusing on consumer data privacy class actions. Her strengths in cybersecurity are bolstered by her representation of startups and closely held technology companies in a variety of commercial disputes.

Select Experience

  • Handled data breaches ranging from a single record loss to 500 million records lost with multi-national notification requirements, and attacks ranging from drive-by ransomware injections to pervasive network compromises by international hacking groups, which led to personal and company extortion attempts.
  • Counsels some of the nation's largest and most prestigious healthcare organizations on HIPAA Privacy Rule and Security Rule compliance.
  • Coordinates all aspects of data security incident response, from intake and vendor selection (forensics, PR and notification), to supervising and directing forensic investigations and designing public disclosure content and strategy.
More »

Experience

  • Handled data breaches ranging from a single record loss to 500 million records lost with multi-national notification requirements, and attacks ranging from drive-by ransomware injections to pervasive network compromises by international hacking groups, which led to personal and company extortion attempts.
  • Counsels some of the nation's largest and most prestigious healthcare organizations on HIPAA Privacy Rule and Security Rule compliance.
  • Coordinates all aspects of data security incident response, from intake and vendor selection (forensics, PR and notification), to supervising and directing forensic investigations and designing public disclosure content and strategy.
  • Assisted federal law enforcement investigations for two separate hospitals that resulted in the conviction and imprisonment of internal bad actors.
  • Assists in management, investigation and response related to regulatory inquiries from state attorneys general, state regulators and HHS OCR. Coordinates and participates in clients’ internal investigations, document and policy reviews, and drafts formal responses to regulatory inquiries.
  • Works with clients to understand system posture and regulatory environment to counsel on best practices, regulatory requirements and industry standards. Drafts and revises policies and procedures related to privacy, Incident Response Plans, Information Governance policies and Data Mapping initiatives to mitigate cyber risks. Counsels companies in various industries on website best practices, as well as international and domestic requirements for terms of use, and privacy policies.
  • Counsels both acquiring/investing and target companies on the scope of due diligence requests and responses related to data privacy and data security reps and warranties.

Recognitions and Memberships

Recognitions

  • Cybersecurity Docket Incident Response 40 (2021 to 2022)
  • Illinois Super Lawyers "Rising Star" (2013 to 2023)

Memberships

  • American Health Lawyers Association
  • American Bar Association

Prior Positions

  • Columbia College: Adjunct Professor of Law (2010 to 2012)

Admissions

  • U.S. District Court, Northern District of Illinois
  • U.S. Court of Appeals, Seventh Circuit
  • Illinois

Education

  • J.D., John Marshall Law School, 2010; John Marshall Review of Intellectual Property, Staff Editor; CALI Award: Protecting Intellectual Property in a Global/Digital Environment
  • B.A., Columbia College, 2006, cum laude

Blog

In The Blogs

Previous Next
Data Counsel
With New Enforcement Action, FTC Warns Against Health Information Being Used for Advertising Purposes
By Daniel Kaufman, Aleksandra Vold
March 16, 2023
If the Federal Trade Commission’s (FTC) recent pursuits did not make clear the agency’s deep concerns about the use of health information for advertising purposes, a new enforcement action brought by the FTC against BetterHelp – to the...
Read More ->
Data Counsel
HHS Announces New Divisions to Address Weighty Case Load
By Aleksandra Vold
March 3, 2023
On February 27, 2023, the U.S. Department of Health and Human Services (HHS) announced that its law enforcement agency – the Office for Civil Rights (OCR) – will reorganize, adding new divisions to better address the rapid increase in...
Read More ->
Data Counsel
Latest FTC Health Privacy Case Sheds Light on Agency Health Privacy Approaches, Data Counsel
By Daniel Kaufman, Aleksandra Vold
February 7, 2023
Health privacy has been a Federal Trade Commission (FTC) priority for decades, and indeed, one of its very first privacy cases, in the early 2000s, involved the inadvertent sharing of user health data. Fast-forward a few decades, and...
Read More ->
Data Counsel
OCR Guidance on Use of Tracking Technologies Warrants Review of Website Tech
By Stefanie L. Ferrari, Lynn Sessions, Aleksandra Vold
December 13, 2022
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) issued guidance regarding covered entities’ and business associates’ use of tracking technologies (the Guidance). As discussed in greater detail below, the...
Read More ->
Employment Law Spotlight
For California Electronic and Computing Services Companies, New Processes Required Before Responding to Warrants, Subpoenas and Other Information Requests
By Rachel Palmer Hooper, M. Scott McIntyre, Aleksandra Vold
October 12, 2022
In response to the Dobbs decisions, Califoria enacted legislation intended to enhance data privacy and block record requests by other states concerning alleged abortion-related offenses that are lawful in California. In September...
Read More ->