Elise R. Elam

She | Her | Hers


T +1.513.929.3490
F +1.513.929.0303


Elise Elam guides clients through data security matters, including coordinating digital forensic investigations, determining breach notification obligations, overseeing implementation of restoration efforts and responding to regulatory inquiries. As a Certified Information Privacy Professional with a Master’s degree in Information Technology, Elise bridges the gap between legal, business and technology perspectives for clients.

Elise's passion for technology is the driving force behind her digital risk advisory and cybersecurity practice. She provides clients with a thorough, comprehensive view of their complex cybersecurity and privacy matters. Notably, she aids clients in preparing for and responding to data breach incidents. She works closely with clients to guide them through incident response and data breach investigations, including coordinating digital forensic investigations of data security incidents, determining breach notification obligations, and overseeing implementation of restoration efforts. Additionally, she has considerable experience preparing consumer and regulatory notification communications, as well as responses to regulatory inquiries. Elise has handled security incidents for a wide range of small and large entities, including educational institutions and other nonprofits, manufacturing companies, restaurants and technology companies.

Elise previously served as a member of the team serving as counsel to the court-appointed Trustee under the Securities Investor Protection Act in the liquidation of Bernard L. Madoff Investment Securities, LLC, analyzing documents for responsiveness and relevance. By combining her experience handling complex challenges and her understanding of data privacy management, Elise positions clients to knowledgeably protect their digital assets.

Elise currently teaches Cyber Law and Policy for Information Technology as an adjunct professor for the Master of Information Technology Program at the Virginia Tech Pamplin College of Business.

Recognitions and Memberships


  • Certified Information Privacy Professional – Europe (CIPP/E)
  • Certified Information Privacy Professional – United States (CIPP/US)
  • Certified Information Privacy Manager (CIPM)
  • Certified Information Privacy Technologist (CIPT)


  • Cincinnati Bar Association, Cybersecurity & Data Privacy Practice Group: Vice Chair
  • International Association of Privacy Professionals (IAPP), Cincinnati KnowledgeNet Chapter: Young Privacy Professional
  • Ohio State Bar Association
  • Kentucky Bar Association
  • Northern Kentucky Bar Association


  • Cincinnati Bar Foundation: Board of Trustees
  • The Children's Home of Cincinnati, Ambassador Board: Engagement Committee Co-Chair
  • Covington Latin School, Alumni Association Board: Immediate Past President
  • The Hyde Park Center for Older Adults (2017 to 2019)
    • Board Member
    • Secretary of Board
    • Personnel Committee Chair

Prior Positions

  • Virginia Tech Pamplin College of Business, Master of Information Technology Program: Adjunct Professor, Cyber Law and Policy for Information Technology (currently)
  • The Honorable Jody M. Luebbers, Hamilton County Court of Common Pleas: Judicial Law Clerk


  • Ohio
  • Kentucky


  • M.S., Information Technology, Virginia Polytechnic Institute and State University, 2019
  • J.D., University of Cincinnati College of Law, 2011; Institute of Law & Psychiatry Fellow; George A. Dornette Professional Responsibility/Ethics Award Recipient; Frederick H. Braun and Carol S. Friel Scholarship Recipient; The Ohio Innocence Project
  • B.A., University of Cincinnati, 2008; cum laude


In The Blogs

Previous Next
Data Counsel
New York Department of Financial Services Publishes Proposed Second Amendment to Its Cybersecurity Regulation
By Elise R. Elam, Patrick H. Haggerty, Vaughn Stupart
November 17, 2022
On Nov. 9, 2022, the New York State Department of Financial Services (NYDFS) published a proposed second amendment to its cybersecurity regulation. This follows its pre-proposed amendment that was published on July 29. Our prior analysis...
Data Counsel
2022 DSIR Report Deeper Dive: The Expanding Landscape of State Data Privacy Law
By Elise R. Elam, David H. Potter, Vaughn Stupart
August 30, 2022
BakerHostetler’s Data Security Incident Response Report is a one-of-a-kind resource that leverages aggregated data from security incidents. Our Digital Risk Advisory and Cybersecurity team has shared insights from attorneys across the...
Data Counsel
NYDFS Proposed Amendments to Its Cybersecurity Rules
By Elise R. Elam, Patrick H. Haggerty
August 9, 2022
On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a...
Data Counsel
Florida Follows North Carolina in Prohibiting State Agencies from Paying Ransoms
By Elise R. Elam, Benjamin D. Wanger
July 19, 2022
We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida...
Data Counsel
DSIR Deeper Dive into the Data: Ransomware Front and Center
By Joseph L. Bruemmer, Elise R. Elam
June 16, 2022
There is no question that ransomware is here to stay. Thirty-seven percent of the matters we handled last year involved ransomware, compared to 27 percent of matters in 2020. In 2019, there were approximately 15 active ransomware threat...