Elise R. Elam

She | Her | Hers


T +1.513.929.3490
F +1.513.929.0303


Elise Elam guides clients through data security matters, including coordinating digital forensic investigations, determining breach notification obligations, overseeing implementation of restoration efforts and responding to regulatory inquiries. As a Certified Information Privacy Professional with a Master’s degree in Information Technology, Elise bridges the gap between legal, business and technology perspectives for clients.

Elise's passion for technology is the driving force behind her digital risk advisory and cybersecurity practice. She provides clients with a thorough, comprehensive view of their complex cybersecurity and privacy matters. Notably, she aids clients in preparing for and responding to data breach incidents. She works closely with clients to guide them through incident response and data breach investigations, including coordinating digital forensic investigations of data security incidents, determining breach notification obligations, and overseeing implementation of restoration efforts. Additionally, she has considerable experience preparing consumer and regulatory notification communications, as well as responses to regulatory inquiries. Elise has handled security incidents for a wide range of small and large entities, including educational institutions and other nonprofits, manufacturing companies, restaurants, and technology companies.

Elise previously served as a member of the team serving as counsel to the court-appointed Trustee under the Securities Investor Protection Act in the liquidation of Bernard L. Madoff Investment Securities, LLC, analyzing documents for responsiveness and relevance. By combining her experience handling complex challenges and her understanding of data privacy management, Elise positions clients to knowledgeably protect their digital assets.

Recognitions and Memberships


  • Certified Information Privacy Professional – Europe (CIPP/E)
  • Certified Information Privacy Professional – United States (CIPP/US)
  • Certified Information Privacy Manager (CIPM)
  • Certified Information Privacy Technologist (CIPT)


  • Cincinnati Bar Association, Cybersecurity & Data Privacy Practice Group: Vice Chair
  • International Association of Privacy Professionals (IAPP), Cincinnati KnowledgeNet Chapter: Young Privacy Professional
  • Ohio State Bar Association
  • Kentucky Bar Association
  • Northern Kentucky Bar Association


  • Cincinnati Bar Foundation: Board of Trustees
  • The Children's Home of Cincinnati, Ambassador Board: Engagement Committee Co-Chair
  • Covington Latin School, Alumni Association Board: Immediate Past President
  • The Hyde Park Center for Older Adults (2017 to 2019)
    • Board Member
    • Secretary of Board
    • Personnel Committee Chair

Prior Positions

  • The Honorable Jody M. Luebbers, Hamilton County Court of Common Pleas: Judicial Law Clerk


  • Ohio
  • Kentucky


  • M.S., Information Technology, Virginia Polytechnic Institute and State University, 2019
  • J.D., University of Cincinnati College of Law, 2011; Institute of Law & Psychiatry Fellow; George A. Dornette Professional Responsibility/Ethics Award Recipient; Frederick H. Braun and Carol S. Friel Scholarship Recipient; The Ohio Innocence Project
  • B.A., University of Cincinnati, 2008; cum laude


In The Blogs

Previous Next
Data Counsel
North Carolina is the First State to Prohibit Public Entities from Paying Ransoms: What Does This Mean for North Carolina Public Schools and Universities?
By Elise R. Elam, Benjamin D. Wanger
May 19, 2022
On April 5th, North Carolina became the first state to prohibit state agencies and local governments from paying ransoms after becoming victims of a ransomware attack. Indeed, in addition to prohibiting said entities from paying ransoms...
Data Counsel
Kentucky Joins Nearly 30 States by Enacting an Insurance Data Security Law
By Elise R. Elam
April 28, 2022
Kentucky became the latest state to adopt the NAIC insurance data security model law with Governor Andy Beshear’s signing of House Bill 474. The new law goes into effect Jan. 1, 2023, and gives covered licensees one or two years for...
Data Counsel
The Scourge of Ransomware
By Elise R. Elam, Craig A. Hoffman
May 13, 2021
Our 2021 Data Security Incident Response Report (DSIR) described ransomware as a scourge. There are stories every day about new threat actor groups and their victims. There are task forces, law enforcement initiatives, discussions by...